Based on the knowledge sources provided, there is no specific maximum lifetime set for an access token of an OAuth Client in Ory. However, there are some important points to note regarding access token lifetimes: 1. By default, access tokens in Ory last for one hour [Configure token expiration time](https://www.ory.sh/docs/hydra/guides/client-token-expiration). 2. The access token lifetime can be configured globally or per client [Configure token expiration time](https://www.ory.sh/docs/hydra/guides/client-token-expiration). 3. For individual clients, you can set different lifespans for access tokens based on the grant type used (e.g., authorization code, implicit, refresh token, client credentials, JWT bearer) [Configure token expiration time](https://www.ory.sh/docs/hydra/guides/client-token-expiration). 4. While there's no explicit maximum lifetime mentioned for access tokens, it's important to note that refresh tokens, which are used to obtain new access tokens, have a maximum age of 6 months [Change refresh token lifespan](https://www.ory.sh/docs/oauth2-oidc/refresh-token-grant#change-refresh-token-lifespan). Given this information, while there's no hard maximum set for access token lifetimes, it's generally recommended to keep them short-lived for security reasons. The ability to configure lifespans allows for flexibility based on specific use cases and security requirements.