As part of setting up vCenter Server or VMware Cloud Foundation (VCF) Identity Federation, if your identity provider supports the SCIM (System for Cross-domain Identity Management) protocol, you must generate a token from vCenter Server. This token enables the identity provider to automatically publish users to the vCenter Server Identity Broker (vIDB), so that you can look up users from your identity provider for vSphere Role assignment.
The token that is generated by vCenter Server is known as a JWT (JSON Web Token) and once you have copied it, you can no longer retrieve the value, which is by design. In the vSphere UI, it does provide the expiry of the last JWT token that was generated and I was recently asked on how to retrieve this value?
The token expiry is not something a user can retrieve directly, especially after a user has copied the token value. The token expiry is actually encoded into the JWT token itself and as long as you have the token, you can easily decode the expiry using any online JWT token decoder such as https://www.jstoolset.com/jwt as shown in the example below.
Thanks for the comment!