If the API included a new short lived token (or JWT) when there is a complexity limit exceeded error, it would eliminate the need to use OAuth tokens where the only use case is concern the SLT will expire before retries complete due to complexity limit errors.
This could be enhanced by having an NBF (not before) claim in the SLT, which is set to when the limit resets, and then the expiration to be 1 minute after that.
I’d much prefer to never store tokens at all. Only reason I’ve had to use OAuth has been due to complexity limits, I’m sure I’m not alone.
