You may want to consider using X509 authentication (certificate/keys). See:
For ConfD RESTCONF token authentication there is an appnote that provide guidance: