SCIM Token Authentication

Hi all, we’re in the midst of developing a SCIM client to be integrated on the OIN - some questions regarding authentication as follows:

  1. Our current API management platform issues OAuth2.0 bearer tokens with a time-to-live (TTL) of 3600 seconds - before expiration and this will require the user to re-authenticate - how will the initial set up for my end user look like if they enable provisioning to my app from Okta?

If they authenticate via HTTP header and pass in this access token - will they have to re-authenticate each time outside of the initial 3600s validity?