expires_in and interval in the authentication response are (I believe) intended to integers, but it's not actually stated anywhere I could find.
We should probably be explicit that it's a positive integer, or alternatively we could use a more RFC6749 type definition:
A.14. "expires_in" Syntax
The "expires_in" element is defined in Sections 4.2.2 and 5.1:expires-in = 1*DIGIT