A reminder to validate access tokens when using OAuth2

Personally, I avoid storing tokens on my server wherever possible. If all I do is verify the token and then discard it, does it still violate these new guidelines?
In other words, do I need to start storing tokens and verifying them hourly?