Ory Hydra manages the access token validity by setting an expiration time for the tokens. By default, the access token in Ory lasts for one hour. However, you can configure the access token's expiration time either per client or globally using the Ory CLI. To set the access token's lifespan to two hours globally, you can use the following command:

bash ory patch oauth2-config {project.id} \    --replace "/ttl/access_token=\"2h\"" \    --format yaml

In addition to this, you can also modify the access token lifespan for each grant type individually per client using the SDK. Here's an example of how to do it:

javascript import { Configuration, OAuth2Api } from "@ory/client"      const ory = new OAuth2Api(    new Configuration({    basePath: `https://${process.env.ORY_PROJECT_SLUG}.<http://projects.oryapis.com|projects.oryapis.com>`,    accessToken: process.env.ORY_API_KEY,    }),   )      export async function setClientLifespans(clientId: string) {    await ory.setOAuth2ClientLifespans({    id: clientId,    oAuth2ClientTokenLifespans: {    authorization_code_grant_access_token_lifespan: "1h",    client_credentials_grant_access_token_lifespan: "1h",    implicit_grant_access_token_lifespan: "1h",    jwt_bearer_grant_access_token_lifespan: "1h",    refresh_token_grant_access_token_lifespan: "1h",    },    })   }

For more details, you can refer to the [Ory documentation](https://www.ory.sh/docs/hydra/guides/client-token-expiration).