That sounds weird. I know this is not ideal but you can also use the password option - it isn’t stored on device and only used once to retrieve the API token. All subsequent requests use that token as well.
I added that so less savvy users can still log in easily without having to hunt for the token.
I'm not sure if this is related, but I had a similar problem the other day with ReadPaperback in using my token to allow access to my Pinboard account.
The dev responded really quickly:
> "I’m not sure why but it looks like pasting a token on both Safari and Focus change part of the token to be lowercase and I wasn’t properly handling the different case."
