For tokens issued by your application for use in accessing the app's SCIM server endpoints, it is allowable to issue non-expiring bearer tokens, or tokens with expiration dates so far in the future that they are functionally non-expiring. This doesn't align with best practices from a security standpoint, however.
If this is an internal application only used by your company, then right now bearer tokens are your only option. If this is an application intended to be added to the Enterprise App gallery, then I'd instead suggestion implementing OAuth 2.0 Authorization Code Grant or Client Credential Grant flows.