by jonathanberger 243 days ago
Does anyone have suggestions for when I need to use bearer auth and the token is super long?

With curl I end up finding the command becomes hard to read, even taking advantage of backslashes. With Postman, it tidily hides the token out of the way on a separate tab and gets out of my way.

2 comments

What I do is assign the token to a variable. I typically copy the secret to my clipboard, and then use the pbpaste command in macOS terminal when assigning it to avoid secrets in my command history.
I don't know how consistent this is across shells, but at least in bash putting a space before the command keeps it out of the history:

  $ ONE=1
  $  TWO=2
  $ echo $ONE $TWO
  1 2
  $ history | tail -n 4
   2002  clear
   2003  ONE=1
   2004  echo $ONE $TWO
   2005  history | tail -n 4
Yeah, I have been using this feature of bash ever since its existence and it is quite handy at times, especially when I do "printf "<sensitive data>" | qr".
this.

A while ago I was working on a DSL to solve this exact issue (env switching, http requests + chained requests e.g. to an auth server to retrieve a token) - but I haven't had the time recently, and I moved jobs to a GraphQL shop, so it feels a bit more pointless now :D

I love the second part of your tip, thank you.
I think curl can load headers or other data from a file. And you can always $(cat token.txt) in the CLI.
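
Added example, not part of the thread: the tips above (checking that a leading space really is kept out of history, and loading the header from a file) as shell functions. The function names, the file path and the URL in the comments are hypothetical; `-H @file` assumes curl 7.55.0 or later.

```shell
# Added example. Function names, paths and URLs are hypothetical.

# Succeeds if bash drops space-prefixed commands from history.
# HISTCONTROL is a colon-separated list; ignoreboth includes ignorespace.
# An optional argument overrides the live HISTCONTROL value.
history_ignores_space() {
  case ":${1-${HISTCONTROL-}}:" in
    *:ignorespace:*|*:ignoreboth:*) return 0 ;;
    *) return 1 ;;
  esac
}

# Read a token from stdin and write the Authorization header to a file
# that only the owner can read. The token never appears in argv or in
# shell history, and the subshell keeps it out of the caller's variables.
write_auth_header() (
  hdr_file=$1
  umask 077
  IFS= read -r token || :          # tolerate input without a trailing newline
  [ -n "$token" ] || exit 1        # refuse to write an empty credential
  rm -f -- "$hdr_file"             # recreate so the umask applies
  printf 'Authorization: Bearer %s\n' "$token" > "$hdr_file"
)

# Request a URL with the header loaded from the file, so the token is
# not visible on the command line or in process listings.
api_get() {
  curl --fail --silent --show-error -H @"$1" "$2"
}

# Typical use on macOS (pbpaste as in the comment above):
#   history_ignores_space || echo "leading space will NOT hide commands" >&2
#   pbpaste | write_auth_header "$HOME/.cache/api.hdr"
#   api_get "$HOME/.cache/api.hdr" https://api.example.test/v1/me
```

Delete the header file when the token expires or is no longer needed.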