Is there a way to give out a short-lived token that gives (webdav) access to for instance a share or a folder?
I haven’t seen any and we’re about to develop this, but wanted to ask here before reinventing the wheel. 
You mean a public sharing link that expires after a certain time? What is short-lived in your terms? Minutes, days or weeks?
Eventually, it is already implemented what you are looking for but that depends on your use-case.
Hi, thanks for your quick reply!
I meant the setup described in Re: [OAUTH-WG] Refresh tokens
I guess OAuth2 — Nextcloud latest Administration Manual latest documentation may be a good starting point, but it wasn’t clear to me whether those access tokens are short-lived and whether they can be verifiable on the Nextcloud server without DB lookup or a call out to the auth server that produced them after checking some longer-lived refresh token the client would have.