Hi @vuscan.marius,
Welcome to the Auth0 Community!
The short answer is that it is case-dependent. Generally, the ID token expiration has a default expiration of 36000 seconds (10 hours). However, if security is a concern, then you can shorten the time period before the token expires. [Refence doc: ID Tokens]
I recommend reviewing our Token Best Practices documentation as well.
Please let me know if you have any additional questions. I’d be happy to help!
Thanks,
Rueben