diff --git a/app/views/admin/application_settings/_visibility_and_access.html.haml b/app/views/admin/application_settings/_visibility_and_access.html.haml
index 8d0b8c17bd2976f53332cfb957877a64a5ba774d..a00c4529884049e5af3ad533be8f7b8be1c9d0f4 100644
--- a/app/views/admin/application_settings/_visibility_and_access.html.haml
+++ b/app/views/admin/application_settings/_visibility_and_access.html.haml
@@ -48,6 +48,8 @@
         = f.label field_name, "#{type.upcase} SSH keys", class: 'label-bold'
         = f.select field_name, key_restriction_options_for_select(type), {}, class: 'form-control'
 
+    = render_if_exists 'admin/application_settings/disable_personal_access_tokens', form: f
+
     .form-group
       %label.label-bold= s_('AdminSettings|Feed token')
       = f.gitlab_ui_checkbox_component :disable_feed_token, s_('AdminSettings|Disable feed token')
diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md
index be2785406944a67b880d82d91bb8dc19100fb896..30d674e75b4ffacde4e17fa0f35e739ba498e6f1 100644
--- a/doc/user/profile/personal_access_tokens.md
+++ b/doc/user/profile/personal_access_tokens.md
@@ -97,6 +97,14 @@ Prerequisites:
 
 In GitLab 15.7 and later, you can [use the application settings API to disable personal access tokens](../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls).
 
+In GitLab 17.3 and later, you can disable personal access tokens in the Admin UI:
+
+1. On the left sidebar, at the bottom, select **Admin**.
+1. Select **Settings > General**.
+1. Expand **Visibility and access controls**.
+1. Select the **Disable personal access tokens** checkbox.
+1. Select **Save changes**.
+
 ### Disable personal access tokens for enterprise users
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/369504) in GitLab 16.11 [with a flag](../../administration/feature_flags.md) named `enterprise_disable_personal_access_tokens`. Disabled by default.
diff --git a/ee/app/controllers/ee/admin/application_settings_controller.rb b/ee/app/controllers/ee/admin/application_settings_controller.rb
index 36e1cd55996f56e4f5cbfbfc3b9d457017b7149f..1a1ce83ace7db1c75fffe512f0662954ad6898d7 100644
--- a/ee/app/controllers/ee/admin/application_settings_controller.rb
+++ b/ee/app/controllers/ee/admin/application_settings_controller.rb
@@ -131,7 +131,8 @@ def visible_application_setting_attributes
                                :lock_maven_package_requests_forwarding],
           default_branch_protection_restriction_in_groups: :group_owners_can_manage_default_branch_protection,
           group_ip_restriction: :globally_allowed_ips,
-          service_accounts: :service_access_tokens_expiration_enforced
+          service_accounts: :service_access_tokens_expiration_enforced,
+          disable_personal_access_tokens: :disable_personal_access_tokens
         }.each do |license_feature, attribute_names|
           if License.feature_available?(license_feature)
             attrs += Array.wrap(attribute_names)
diff --git a/ee/app/views/admin/application_settings/_disable_personal_access_tokens.html.haml b/ee/app/views/admin/application_settings/_disable_personal_access_tokens.html.haml
new file mode 100644
index 0000000000000000000000000000000000000000..67cc0bdfa24b4b9c92e96867f4ab969cb467deb3
--- /dev/null
+++ b/ee/app/views/admin/application_settings/_disable_personal_access_tokens.html.haml
@@ -0,0 +1,8 @@
+- return unless ::License.feature_available?(:disable_personal_access_tokens)
+
+- form = local_assigns.fetch(:form)
+
+.form-group
+  %h5= _('Personal access tokens')
+  = form.gitlab_ui_checkbox_component :disable_personal_access_tokens,
+    _('Disable personal access tokens')
diff --git a/ee/spec/features/admin/admin_settings_spec.rb b/ee/spec/features/admin/admin_settings_spec.rb
index 250057f96cff58d56d86ba0f87b77eb20a9e39f7..4f1a71b1cc9ee9f036a463aeac4463cafe8265ed 100644
--- a/ee/spec/features/admin/admin_settings_spec.rb
+++ b/ee/spec/features/admin/admin_settings_spec.rb
@@ -248,6 +248,29 @@
     end
   end
 
+  context 'Disable personal access tokens', feature_category: :system_access do
+    it 'does not show the setting when the feature is not licensed' do
+      stub_licensed_features(disable_personal_access_tokens: false)
+
+      expect(page).not_to have_css('#application_setting_disable_personal_access_tokens')
+    end
+
+    it 'enables personal access tokens' do
+      current_settings.update_attribute(:disable_personal_access_tokens, true)
+
+      visit general_admin_application_settings_path
+
+      within_testid('admin-visibility-access-settings') do
+        uncheck _('Disable personal access tokens')
+        click_button _('Save changes')
+      end
+
+      expect(page).to have_content _('Application settings saved successfully')
+      expect(find('#application_setting_disable_personal_access_tokens')).not_to be_checked
+      expect(current_settings.disable_personal_access_tokens).to eq(false)
+    end
+  end
+
   context 'package registry settings', feature_category: :package_registry do
     before do
       visit ci_cd_admin_application_settings_path
diff --git a/locale/gitlab.pot b/locale/gitlab.pot
index 738a101c82dd0555b3a041efead7ddb50b3960f7..29a849d8839fe5b3df72a73cd0727d1f2bd21452 100644
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -19073,6 +19073,9 @@ msgstr ""
 msgid "Disable group runners"
 msgstr ""
 
+msgid "Disable personal access tokens"
+msgstr ""
+
 msgid "Disable two-factor authentication"
 msgstr ""