diff --git a/CHANGES/1550.bugfix b/CHANGES/1550.bugfix
new file mode 100644
index 000000000..f3554617a
--- /dev/null
+++ b/CHANGES/1550.bugfix
@@ -0,0 +1 @@
+Pulp Container specific settings are now properly validated at startup of a Pulp instance.
diff --git a/pulp_container/app/dynaconf_hooks.py b/pulp_container/app/dynaconf_hooks.py
new file mode 100644
index 000000000..38053cb9b
--- /dev/null
+++ b/pulp_container/app/dynaconf_hooks.py
@@ -0,0 +1,32 @@
+from dynaconf import Validator
+import sys
+
+
+token_auth_disabled_validator = Validator("TOKEN_AUTH_DISABLED", eq=True)
+token_server_validator = Validator("TOKEN_SERVER", must_exist=True)
+token_signature_algorithm_validator = Validator("TOKEN_SIGNATURE_ALGORITHM", must_exist=True)
+public_key_path_validator = Validator("PUBLIC_KEY_PATH", must_exist=True)
+private_key_path_validator = Validator("PRIVATE_KEY_PATH", must_exist=True)
+
+
+def post(settings) -> dict:
+    """
+    Post load hook for Pulp settings to validate Container-specific variables.
+    """
+    if "collectstatic" in sys.argv:
+        return {}
+
+    container_settings_validator = token_auth_disabled_validator | (
+        token_server_validator
+        & token_signature_algorithm_validator
+        & public_key_path_validator
+        & private_key_path_validator
+    )
+    container_settings_validator.messages["combined"] = (
+        "When token authentification is enabled ('TOKEN_AUTH_DISABLED=False'), all of the "
+        "following settings variables must be set: 'TOKEN_SERVER', 'TOKEN_SIGNATURE_ALGORITHM', "
+        "'PUBLIC_KEY_PATH', 'PRIVATE_KEY_PATH'. Please check your Pulp config file."
+    )
+    container_settings_validator.validate(settings)
+
+    return {}