I still new with firebase and android notifications. I want to be able to send notifications to a single user based on some rules. What I've been reading so far is that a token can be generated with:

FirebaseInstanceId.getInstance().getToken()

Then, the token will need to be refreshed at some point when it expires.

How to I set expiry for these tokens, if at all possible? If there are a thousand users having their tokens refreshed around the same time then I will need to do a thousand writes for these tokens to my app servers. Is there a known scaling solution for this problem (eg. keep the same token but refresh its expiry only)?

The Firebase documentation on monitoring the token enumerates the reasons:

The registration token may change when:

• The app deletes Instance ID
• The app is restored on a new device
• The user uninstalls/reinstall the app
• The user clears app data.

Beyond deleting the token (the first option above), you have no control over when a token is refreshed. But unlike Firebase Authentication tokens, the Instance ID Tokens of Firebase Cloud Messaging don't refresh on a fixed schedule. Instance ID Token refreshes are relatively rare and should only need special considering for scaling out in the largest use-cases.

Nope. There is no way to just refresh the expiration of a registration token.

When a registration token is refreshed, the token value will change. The event when the registration token itself will expire is indefinite as well and can only happen on specific events as specified in the FirebaseInstanceId docs:

Instance ID is stable except when:

• App deletes Instance ID
• App is restored on a new device
• User uninstalls/reinstall the app
• User clears app data

In the above cases a new Instance ID is generated and the application needs to recreate the authorization tokens previously generated implementing onTokenRefresh().

And as already mentioned above, in the event where a token is refreshed, onTokenRefresh() will be called and that you should handle the next steps on sending it to your App Server and deleting the old token that got expired and some other stuff.