Open
Description
Expected Behavior
The expires_in parameter in the PAR endpoint should be configurable via configuration properties or the DSL, allowing users to set the expiration duration based on their needs.
Current Behavior
Currently, the expires_in value is hardcoded, typically set to 30 seconds (soon to 5 minutes via #2024), this is limiting flexibility and potentially causing issues with longer authorization flows.
Context
This limitation affects scenarios where longer authorization processes are needed, such as multi-factor authentication. Making this configurable would improve usability and compliance with various deployment requirements.