I would imagine that when most people are setting an expiration on a JWT, they will be using some configured timeout duration (e.g. 15 minutes). the ClaimsMutator has a basic setExpiration helper which takes the expiration date. It would be great if you added a convenience method which took the duration and did the math to compute the final exipration date, something like:

public T setExpirationAfter(long duration, TimeUnit timeUnit);

Where the impl is something like:

return setExpiration(new Date(System.currentTimeMillis() + timeUnit.toMillis(duration)));