diff --git a/changelog.d/11093.doc b/changelog.d/11093.doc
new file mode 100644
index 0000000000000000000000000000000000000000..70fca0bdcef9e77d84e7859342ea780862c8a7b6
--- /dev/null
+++ b/changelog.d/11093.doc
@@ -0,0 +1 @@
+Update the admin API documentation with an updated list of the characters allowed in registration tokens.
diff --git a/docs/usage/administration/admin_api/registration_tokens.md b/docs/usage/administration/admin_api/registration_tokens.md
index c48d060dcc38cc9bfc0c60e3542d29b76d0f6ed7..13d5eb75e933c4a3e264e689439bffaf9ab98fec 100644
--- a/docs/usage/administration/admin_api/registration_tokens.md
+++ b/docs/usage/administration/admin_api/registration_tokens.md
@@ -149,7 +149,7 @@ POST /_synapse/admin/v1/registration_tokens/new
 
 The request body must be a JSON object and can contain the following fields:
 - `token`: The registration token. A string of no more than 64 characters that
-  consists only of characters matched by the regex `[A-Za-z0-9-_]`.
+  consists only of characters matched by the regex `[A-Za-z0-9._~-]`.
   Default: randomly generated.
 - `uses_allowed`: The integer number of times the token can be used to complete
   a registration before it becomes invalid.