New OAuth Applications will create access tokens that expire in
2 hours. To retain backward compatibility prior to 15.0, existing
applications will continue to generate unexpiring tokens unless
they opt-in. In 15.0, all applications will generate expiring
access tokens and configuration will no longer be possible.

Changelog: security