1# Time in seconds before authorization codes expire.
 2OAUTH_SERVER_CODE_EXPIRY: int = 600
 3
 4# Time in seconds before access tokens expire.
 5OAUTH_SERVER_ACCESS_TOKEN_EXPIRY: int = 3600
 6
 7# Time in seconds before refresh tokens expire.
 8OAUTH_SERVER_REFRESH_TOKEN_EXPIRY: int = 60 * 60 * 24 * 30
 9
10# Whether to allow dynamic client registration (RFC 7591). MCP clients like
11# Claude self-register, so this is on by default.
12OAUTH_SERVER_ALLOW_DYNAMIC_REGISTRATION: bool = True
13
14# Scopes advertised in authorization server metadata. `offline_access` signals
15# that refresh tokens are available.
16OAUTH_SERVER_SCOPES_SUPPORTED: list[str] = ["offline_access"]