Hotfix- authorization_code_expire_seconds docs clarified

matiseni51 · matiseni51 · commit 497277e2ac61 · 2022-10-10T16:56:29.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -16,6 +16,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+### Changed
+* #1211 documentation improvements.
+
 ### Added
 * Add 'code_challenge_method' parameter to authorization call in documentation
 
diff --git a/docs/settings.rst b/docs/settings.rst
@@ -29,9 +29,12 @@ List of available settings
 
 ACCESS_TOKEN_EXPIRE_SECONDS
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Default: ``36000``
+
 The number of seconds an access token remains valid. Requesting a protected
 resource after this duration will fail. Keep this value high enough so clients
-can cache the token for a reasonable amount of time. (default: 36000)
+can cache the token for a reasonable amount of time.
 
 ACCESS_TOKEN_MODEL
 ~~~~~~~~~~~~~~~~~~
@@ -69,9 +72,11 @@ this value if you wrote your own implementation (subclass of
 
 AUTHORIZATION_CODE_EXPIRE_SECONDS
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Default: ``60``
+
 The number of seconds an authorization code remains valid. Requesting an access
-token after this duration will fail. :rfc:`4.1.2` recommends a
-10 minutes (600 seconds) duration.
+token after this duration will fail. :rfc:`4.1.2` recommends expire after a short lifetime,
+being 10 minutes (600 seconds) the maximum acceptable.
 
 CLIENT_ID_GENERATOR_CLASS
 ~~~~~~~~~~~~~~~~~~~~~~~~~
