diff --git a/.changelog/10442.txt b/.changelog/10442.txt
new file mode 100644
index 0000000000..b0a6998e6c
--- /dev/null
+++ b/.changelog/10442.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+ licensing: **(Enterprise Only)** In order to have forward compatibility with Consul Enterprise v1.10, the ability to parse licenses from the configuration or environment has been added. This can be specified with the `license_path` configuration, the `CONSUL_LICENSE` environment variable or the `CONSUL_LICENSE_PATH` environment variable. On server agents this configuration will be ignored. Client agents and the snapshot agent will use the configured license instead of automatically retrieving one.
+ ```
diff --git a/agent/config/builder_oss.go b/agent/config/builder_oss.go
index b585cab504..c50fb7b179 100644
--- a/agent/config/builder_oss.go
+++ b/agent/config/builder_oss.go
@@ -40,6 +40,9 @@ var (
 		"audit": func(c *Config) {
 			c.Audit = nil
 		},
+		"license_path": func(c *Config) {
+			c.LicensePath = nil
+		},
 	}
 )
 
diff --git a/agent/config/builder_oss_test.go b/agent/config/builder_oss_test.go
index d7a94a9821..bab81043f8 100644
--- a/agent/config/builder_oss_test.go
+++ b/agent/config/builder_oss_test.go
@@ -116,6 +116,16 @@ func TestBuilder_validateEnterpriseConfigKeys(t *testing.T) {
 				require.Nil(t, c.ACL.Tokens.ManagedServiceProvider)
 			},
 		},
+		"license_path": {
+			config: Config{
+				LicensePath: &stringVal,
+			},
+			keys:    []string{"license_path"},
+			badKeys: []string{"license_path"},
+			check: func(t *testing.T, c *Config) {
+				require.Empty(t, c.LicensePath)
+			},
+		},
 		"multi": {
 			config: Config{
 				NonVotingServer: &boolVal,
diff --git a/agent/config/config.go b/agent/config/config.go
index da03d69038..ab0a30c88f 100644
--- a/agent/config/config.go
+++ b/agent/config/config.go
@@ -191,6 +191,7 @@ type Config struct {
 	HTTPConfig                       HTTPConfig               `json:"http_config,omitempty" hcl:"http_config" mapstructure:"http_config"`
 	KeyFile                          *string                  `json:"key_file,omitempty" hcl:"key_file" mapstructure:"key_file"`
 	LeaveOnTerm                      *bool                    `json:"leave_on_terminate,omitempty" hcl:"leave_on_terminate" mapstructure:"leave_on_terminate"`
+	LicensePath                      *string                  `json:"license_path,omitempty" hcl:"license_path" mapstructure:"license_path"`
 	Limits                           Limits                   `json:"limits,omitempty" hcl:"limits" mapstructure:"limits"`
 	LogLevel                         *string                  `json:"log_level,omitempty" hcl:"log_level" mapstructure:"log_level"`
 	LogJSON                          *bool                    `json:"log_json,omitempty" hcl:"log_json" mapstructure:"log_json"`
diff --git a/agent/config/runtime_oss_test.go b/agent/config/runtime_oss_test.go
index 72cee4d261..6b2f51020f 100644
--- a/agent/config/runtime_oss_test.go
+++ b/agent/config/runtime_oss_test.go
@@ -4,6 +4,8 @@ package config
 
 var entMetaJSON = `{}`
 
+var entAuthMethodFieldsJSON = `{}`
+
 var entRuntimeConfigSanitize = `{}`
 
 var entFullDNSJSONConfig = ``
diff --git a/agent/config/runtime_test.go b/agent/config/runtime_test.go
index 7f448fd6b7..5bc7e97df3 100644
--- a/agent/config/runtime_test.go
+++ b/agent/config/runtime_test.go
@@ -4707,6 +4707,7 @@ func TestFullConfig(t *testing.T) {
 			},
 			"key_file": "IEkkwgIA",
 			"leave_on_terminate": true,
+			"license_path": "/path/to/license.lic",
 			"limits": {
 				"http_max_conns_per_client": 100,
 				"https_handshake_timeout": "2391ms",
@@ -5372,6 +5373,7 @@ func TestFullConfig(t *testing.T) {
 			}
 			key_file = "IEkkwgIA"
 			leave_on_terminate = true
+			license_path = "/path/to/license.lic"
 			limits {
 				http_max_conns_per_client = 100
 				https_handshake_timeout = "2391ms"
@@ -7194,11 +7196,11 @@ func TestSanitize(t *testing.T) {
 				"Enabled": false,
 				"AllowReuse": false,
 				"AuthMethod": {
-					"ACLAuthMethodEnterpriseFields": {},
+					"ACLAuthMethodEnterpriseFields": ` + entAuthMethodFieldsJSON + `,
 					"Config": {},
 					"Description": "",
 					"DisplayName": "",
-					"EnterpriseMeta": {},
+					"EnterpriseMeta": ` + entMetaJSON + `,
 					"MaxTokenTTL": "0s",
 					"Name": "",
 					"RaftIndex": {
diff --git a/agent/consul/client_test.go b/agent/consul/client_test.go
index 3ca55c9607..c3479a561a 100644
--- a/agent/consul/client_test.go
+++ b/agent/consul/client_test.go
@@ -9,6 +9,7 @@ import (
 	"time"
 
 	"github.com/hashicorp/consul/agent/structs"
+	"github.com/hashicorp/consul/agent/token"
 	"github.com/hashicorp/consul/sdk/freeport"
 	"github.com/hashicorp/consul/sdk/testutil"
 	"github.com/hashicorp/consul/sdk/testutil/retry"
@@ -78,7 +79,9 @@ func testClientWithConfigWithErr(t *testing.T, cb func(c *Config)) (string, *Cli
 		t.Fatalf("err: %v", err)
 	}
 
-	client, err := NewClient(config, WithLogger(logger), WithTLSConfigurator(tlsConf))
+	store := &token.Store{}
+
+	client, err := NewClient(config, WithLogger(logger), WithTLSConfigurator(tlsConf), WithTokenStore(store))
 	return dir, client, err
 }