I have a question about the implementation of the public API that I would like to clarify.
In the tutorial I'm following, I got to the step where I receive an authorization id from a certain user so that the api can see its data, and I change that 6-digit id for its Orcid-ID and an access Token.
Heres what is told about the access token::
"ORCID will then return the researcher’s authenticated ORCID iD and an access token:
{"access_token":"f5af9f51-07e6-4332-8f1a-c0c11c1e3728","token_type":"bearer",
"refresh_token":"f725f747-3a65-49f6-a231-3e8944ce464d","expires_in":631138518,
"scope":"/read-limited","name":"Sofia Garcia","orcid":"0000-0001-2345-6789"}
The access tokens returned can be short lived (expiring one hour after issue) or long lived (expiring 20 years after issue). Either token can be used multiple times before it expires."
My idea would be to keep this data in a table for future reference without having to always go through the "manual" authorization of users (after the first authorization has been given), which would be possible if the token lasts for years, but impossible if it only lasts. one hour.
Is there a way to guarantee that the expiration date of these tokens is the highest possible?