Session management
After the identification, authentication, and authorization process, a session is created so that the user can interact with the system for a certain amount of time without having to pass these three steps each time. Tokens are used to identify those sessions. By default, in OpenStack, from the Icehouse release, all sessions expire after 1 hour, while previous releases used 24 hours as the session lifespan. It may make sense to reduce this time even more, since if an malicious user can take control of a machine within a valid session, he will be able to act as if he is the owner of the session. Decreasing the length of sessions means reducing the window in which an attacker can steal a session.
Note
There are some jobs such as transferring a disk image to the hypervisor for local caching that might require long time. If your session lifespan is shorter than the time those jobs need, they will probably fail.