Sounds like you're facing a couple of challenges with passing such a long token via the URL. Have you considered using a secure authentication flow like OAuth with authorization codes? It would avoid passing sensitive information in the URL altogether, and you could leverage something like a token exchange mechanism. Also, have you looked into whether your server can handle larger payloads in POST requests, which could help you pass the token securely in the request body instead?