diff --git a/auth/token/accesscontroller.go b/auth/token/accesscontroller.go
index 09d78a71..f7ca4d52 100644
--- a/auth/token/accesscontroller.go
+++ b/auth/token/accesscontroller.go
@@ -243,7 +243,7 @@ func (ac *accessController) Authorized(req *http.Request, accessItems ...auth.Ac
 
 	verifyOpts := VerifyOptions{
 		TrustedIssuers:    common.NewStringSet(ac.issuer),
-		AccpetedAudiences: common.NewStringSet(ac.service),
+		AcceptedAudiences: common.NewStringSet(ac.service),
 		Roots:             ac.rootCerts,
 		TrustedKeys:       ac.trustedKeys,
 	}
diff --git a/auth/token/token.go b/auth/token/token.go
index 2c1114a6..568b257a 100644
--- a/auth/token/token.go
+++ b/auth/token/token.go
@@ -86,7 +86,7 @@ type Token struct {
 // options when verifying a JSON Web Token.
 type VerifyOptions struct {
 	TrustedIssuers    common.StringSet
-	AccpetedAudiences common.StringSet
+	AcceptedAudiences common.StringSet
 	Roots             *x509.CertPool
 	TrustedKeys       map[string]libtrust.PublicKey
 }
@@ -156,7 +156,7 @@ func (t *Token) Verify(verifyOpts VerifyOptions) error {
 	}
 
 	// Verify that the Audience claim is allowed.
-	if !verifyOpts.AccpetedAudiences.Contains(t.Claims.Audience) {
+	if !verifyOpts.AcceptedAudiences.Contains(t.Claims.Audience) {
 		log.Errorf("token intended for another audience: %q", t.Claims.Audience)
 		return ErrInvalidToken
 	}
diff --git a/auth/token/token_test.go b/auth/token/token_test.go
index c1e0d2ad..13d7cede 100644
--- a/auth/token/token_test.go
+++ b/auth/token/token_test.go
@@ -197,7 +197,7 @@ func TestTokenVerify(t *testing.T) {
 
 	verifyOps := VerifyOptions{
 		TrustedIssuers:    common.NewStringSet(issuer),
-		AccpetedAudiences: common.NewStringSet(audience),
+		AcceptedAudiences: common.NewStringSet(audience),
 		Roots:             rootPool,
 		TrustedKeys:       trustedKeys,
 	}