Sorry if this was not clear enough.
First, you have request tokens. You get a request token by asking Twitter to issue a token, the goal being to exchange it for an access token. In order to do so, you must obtain approval from the user by redirecting to Twitter, and finally retrieve an access token once the user has authorized your app. This is why request tokens are short lived. They are meant to be used within a couple minutes maximum, just while the user is signing in and granting access to your app.
Second, you have access tokens. The access token retrieved at the end of the sign in flow is meant to be used with all OAuth-signed API endpoints. These access tokens do not expire. Your access token will be invalid only if a user explicitly rejects your application from their settings or if a Twitter admin suspends your application.
I hope this helps clarify the difference between the two and their expected lifetime. You can read more about the OAuth flow on [node:2867].
