The beeminder api now supports authenticating using the Authorization header, as an alternate to passing an access token as a parameter. Switch to using this form, as it keeps authentication information out of the URL, which means it is less likely to e.g. be leaked as part of logs, either on the client or server.
Testing:
Verified read and write operations on the app worked
Used debugger to check registering device token works
The beeminder api now supports authenticating using the Authorization header, as an alternate to passing an access token as a parameter. Switch to using this form, as it keeps authentication information out of the URL, which means it is less likely to e.g. be leaked as part of logs, either on the client or server.
Testing: