expiration

An RFC 3339 timestamp for when the request should expire. UTC time zone.

If no timezone is specified, UTC will be used. If payload does not contain an expiration, the request will never expire.

Using an expiration reduces the risk of a replay attack. Without supplying the expiration, in the event that a malicious user gets a copy of your request in transit, they will be able to obtain the response data indefinitely.