Description
In the TODO demo we currently invalidate the 'auth token' too early (after 30 minutes). I think changing from infinity to 30 minutes was a bad idea.
Most cloud services keep the "API access token" valid for ever (or a very long time).
However for an END-USER of the server-side aerogear-sec. component it would be handy if (via REST / management service) the token lifetime could be managed (e.g. revoked, default lifetime, specific lifetime etc)