yes, you can. You can have the custom attribute in your developer app for oauth expiry. Before token generation do api key verification and using that to get the developer app custom attribute value (verifyapikey.{policy_name_for_verify_api_key}.custom_attribute_name) and set that in token generation policy.
LinkedIn
Twitter
