i set those properties in my oauthinfo-object:
Here's a call using jQuery with an object that has the expiration set to 200, and the resulting token says that it's valid for '12000':
var form = new FormData();
var settings = {
"url": "https://www.arcgis.com/sharing/rest/oauth2/token?client_id=xxx&client_secret=xxx&grant_type=client_credentials&expiration=200",
"method": "POST",
"timeout": 0,
"processData": false,
"mimeType": "multipart/form-data",
"contentType": false,
"data": form
};
$.ajax(settings).done(function (response) {
console.log(response);
});
Resulting token:
{
"access_token": "xxx..",
"expires_in": 12000
}
Client, client secret, and resulting tokens were obfuscated to protect the innocent...