For example, the value "3600" denotes that the access token will expire in one hour from the time the response was generated.
The "expires_in" member in JSON must be a numeric value, not a string. Unfortunately quite a few implementations have got this wrong. A likely reason is the quoted value "3600" in the RFC 6749 where "expires_in" is defined. The quotes in the text version of the RFC are only an artefact of the marked-up as a protocol value in the RFC production chain.
If omitted, the Authorization Server SHOULD provide the expiration time via other means or document the default value.