In AAP it is currently only possible to control the expiration time of all tokens globally as a system administrator.

As an AAP system administrator it is desirable to set a low global expiration time, such as 7 days, but allow users to optionally override this default expiration to a higher value, such as 30 days.

The upper limit which an administrator allows should be configurable in order to prevent users from creating tokens that are valid for too long.