Hello.

There are some startup parameters that can be added to the server to influence the database identity provider. One of those controls the access token lifetime. See here for more information:
https://docs.ifs.com/techdocs/Foundation1/040_administration/210_security/015_authentication/040_configure_DBIDP/default.htm#Configure_behaviour_through_startup_paramters

Best regards, Björn.

Hi Björn,

Thank you for your answer. The documentation you provide gives me a lot of insight. 

But I choose to make the token longer using refresh_token. So I don’t have to change the server parameter.

https://www.oauth.com/oauth2-servers/making-authenticated-requests/refreshing-an-access-token/

Regards,

Bhakti