In order to maintain strict control over tokens we typically attach an expiration date where applicable now that we are in the DPS model. So we had a team who requested a PaaS token permission set, we put it to expire at the end of January. The team has since then requested an extension which has been granted. Yes, you cannot edit/alter token access after they are formulated. So I wont be able to extend the expiry date, which is fine. But what I can do is clone the token and provide a new one with another month window. 

This is where things get odd.... Dynatrace doesn't mention in any documentation that I found that it will auto delete token after it expires for x amount of days. 

Here is the original token: 

2 weeks after the expiry the team requested a token extension. To which I tossed in the Token ID but it was no where to be found in the system. Which prompted me to pull the audit log where we find this: 

Notice the Token worker has deleted the 'Expired' token on the 4th of February. 

Now I'm all for keeping a clean environment, but this caught me off guard. The token expired on Jan. 27th and was auto deleted on Feb 4th, 6 days later. 

It could have been a fluke... so we created a test one called "Poof - The Magic Token" by Wednesday/Thursday we will see if the system deleted the token. Its already marked as expired: 

Please let me know what you may have run into with this as well.