The current Auth call is only to obtain a token, but I cant see expiry times on them, which would mean the user can be logged in indefinitely. Am I missing something? its a big security concern.
Is there anyone on the official team that can support this question? it is a concern for users using the API endpoints and token generation.