The SQL backend for Identity records tokens. It does not have a timeout, and it does not automatically remove tokens once they are recorded.
As a consequence, the SQL database can run out of storage space.
As a workaround, Identity now includes a command to remove tokens, namely 'keystone-manage token_flush'. This process should be scheduled to run regularly via cron. It is recommended that this command be run approximately once per minute.