diff --git a/Controllers/AuthController.cs b/Controllers/AuthController.cs
index 045ed3f..01bb207 100644
--- a/Controllers/AuthController.cs
+++ b/Controllers/AuthController.cs
@@ -105,7 +105,7 @@ namespace qbridge.Controllers
             {
                 return Content($"<h1>Error - Unable to find AuthorizationEndpoint value in Discovery document from QuickBooks Online</h1>Cannot proceed");
             }
-
+  
 
             //GET AUTHORIZATION CODE AND REDIRECT
 
@@ -233,6 +233,7 @@ namespace qbridge.Controllers
         {
             //clear out any tokens older than 1 hour
             SweepTokenStore();
+
             if (string.IsNullOrWhiteSpace(state))
             {
                 return BadRequest("state value is required");
@@ -242,7 +243,7 @@ namespace qbridge.Controllers
             if (token.Key == null)
             {
                 //delay failed request to foil fishing and dos attempts
-                Task.WaitAll(Task.Delay(10000));
+                Task.WaitAll(Task.Delay(5000));
                 return NotFound();
             }
             else
@@ -253,9 +254,6 @@ namespace qbridge.Controllers
         }
 
 
-
-
-
         public class QBToken
         {
             public string realmId { get; set; }
@@ -270,8 +268,8 @@ namespace qbridge.Controllers
         {
             //ditch tokens older than 1 hour
             //QBOI2 will refresh the token so here we store only the original access token
-            DateTime dtExpireAfter = DateTime.Now.AddDays(-7);
-            //if the token birthday is newer than 7 days ago then select it to remain
+            DateTime dtExpireAfter = DateTime.Now.AddHours(-1);
+            //if the token birthday is less than an hour then it's kept in the token store
             TOKEN_STORE = TOKEN_STORE.Where(pair => pair.Value.TokenBirthday > dtExpireAfter)
                                  .ToDictionary(pair => pair.Key,
                                                pair => pair.Value);