Documentation Improvements – OAuth Token Expiration

[hisanhunais]

Description

Improvements to the OAuth Token Expiration pages

Steps to Reproduce

1. Navigate to https://apim.docs.wso2.com/en/4.1.0/design/api-security/oauth2/token-expiration/ and https://apim.docs.wso2.com/en/4.1.0/consume/manage-application/generate-keys/obtain-access-token/changing-the-default-token-expiration-time/
2. Notice there are several configurations to change the default expiration times. The expiration time is defined in seconds, but this is not clearly mentioned in the documentation.
3. In https://apim.docs.wso2.com/en/4.1.0/design/api-security/oauth2/token-expiration/, there is a link to Changing the Default Token Expiration Time. But it is a broken link. The proper link should be https://apim.docs.wso2.com/en/4.1.0/consume/manage-application/generate-keys/obtain-access-token/changing-the-default-token-expiration-time/
4. In https://apim.docs.wso2.com/en/4.1.0/design/api-security/oauth2/token-expiration/, the configuration:

[oauth]
token_validation.app_access_token_validity = 10000

Defines the default global validity duration, which applies only when registering new OAuth applications.
However, this setting does not affect existing OAuth applications. Existing applications retain the validity duration defined at the time of their creation. This behavior is not clearly explained in the documentation. In https://apim.docs.wso2.com/en/4.1.0/consume/manage-application/generate-keys/obtain-access-token/changing-the-default-token-expiration-time/, there is a note mentioning "The changes that you do here will be applied only to the new applications that you create.". It would be better to add this note to https://apim.docs.wso2.com/en/4.1.0/design/api-security/oauth2/token-expiration/ as well.

Version

4.1.0

Environment Details (with versions)

No response