OAuth2: 3 things

Hi guys, well done with the new support for OAuth2! I’m testing it right now and I was wondering (1) how often the token expires (https://docs.alpaca.markets/build-apps_services-with-alpaca/oauth-guide/). There is not mentioned in the documentation.

Should I ask for a token every day? Or if a token is expired/not valid, do you return a specific code/error, so I can request a brand new token?

Also (2), I’ve followed the instructions on the web site, but when I ask for a token I receive this error message:

{"code":40310000,"message":"invalid_grant"}

As response to my request curl -X POST https://api.alpaca.markets/oauth/token -d 'grant_type=authorization_code&...

it looks like the grant-type authorization_code is not valid.

Last (3) question: there is no mention in the docs I can authenticate for a paper account.

Thanks,
Luca