Thanks, it makes sense now. I was led to think that user access tokens don’t expire, because when getting a token via implicit code flow, there is no JSON giving you that expiration value. You just get the token via the redirect URL. That was throwing me off I guess. But validating that token then gives you a JSON response with that expires_in key.