Incorrect "expires_in" time for customer scoped access tokens

I made a request to the /oauth/token endpoint to create a customer scoped access token. In the form of the request, I set expires_in to 300. The request resulted in a 200 response, and I got an access token, but the response body’s “expires_in” field reads 7776000. Is this a bug, or is there something wrong with my request?

Here is a screenshot of the REST client output:

Hi @OptiBobby - mind creating a support ticket ( This looks like a bug; once we follow-through we’ll post the results here. (It would be great to have a bit more info in the ticket as well, like your username and the customer username).