Document configuration for the expiration of the JWT token

docs/user-guide/api-mediation/api-gateway-configuration.md

@@ -48,6 +48,31 @@ the following procedure to switch to SAF.
 
 Authentication requests now utilize SAF as the authentication provider. API ML can run without zOSMF present on the system. 
 
+### apiml.security.auth.tokenProperties.expirationInSeconds
+
+This property is relevant only when the JWT token is generated by the API Mediation Layer. API ML generation of the JWT token occurs in the following cases:
+
+* z/OSMF is only available as an older version which does not support JWT tokens 
+* The SAF provider is used
+
+To use a custom configuration for z/OSMF which changes the expiration of LTPA token, it is necessary to also set the expiration in this parameter. 
+
+**Note:** The default value is 8 hours which mimicks the 8 hour default expiration of the LTPA token in z/OSMF.
+
+**Follow these steps:**
+
+1. Open the file `<Zowe install directory>/components/api-mediation/bin/start.sh`.
+2. Find the line that contains the `-cp ${ROOT_DIR}"/components/api-mediation/gateway-service.jar":/usr/include/java_classes/IRRRacf.jar`.
+3. Before this line, add on a new line in the following format
+```
+-Dapiml.security.auth.tokenProperties.expirationInSeconds={expirationTimeInSeconds} \
+```
+where:
+
+* `{expirationTimeInSeconds}` refers to the specific time before expiration
+
+3. Restart Zowe&trade.
+
 ## Retry policy
 
 In default configuration, retry for all requests is disabled, with one exception: the server retries `GET` requests that finish with status code `503`.