Hi there Lee!
For access tokens generated using the OAuth 2 flow, these currently expire and will need to be renewed after 7 days. However this is something that may be adjusted in the future so instead of relying on a fixed value it's best to check the expires_in time on the token response, which indicates number of seconds until the token expires.
For personal access tokens added via My Preferences → API Authentication Tokens, these have an expiry date set far in the future and can be treated as if they don't expire.
Cheers!
Michael