better security, primarily to avoid logging tokens in request urls, also avoids unintentional url saving by clients, which contains a secret in it
better security, primarily to avoid logging tokens in request urls, also avoids unintentional url saving by clients, which contains a secret in it