Auto-generated input IDs sometimes start with numbers or are longer than are allowed. Hashing and limiting their length ensures we don't randomly see failures when this happens.
Tokens, when they exist outside a kubeconfig file, are expected to be base64-encoded. That's also coincidentally how our datagov-brokerpak expects them to be passed in. ;)