
add_token script creates small token sizes #4481

@ericwb

Summary

In the add_token script code here:
https://github.com/canonical/microk8s/blob/master/scripts/wrappers/add_token.py#L166
secrets.token_hex is used to create a token with a size of 16 bytes. Because it is hex, it does result in 32 characters, but this is less than the recommended standard since 2015 of 32 bytes. The default entropy of this function is set to 32 bytes. Python's docs give further details on this:
https://docs.python.org/3/library/secrets.html#how-many-bytes-should-tokens-use

What Should Happen Instead?

I recommend increasing the token size to 32 "bytes" instead of 32 characters.

Reproduction Steps

n/a

Introspection Report

n/a

Can you suggest a fix?

Yes, leave parameters empty so DEFAULT_ENTROPY of 32 will be used instead.

token = token_hex()

Are you interested in contributing with a fix?

yes
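
An added example (not part of the original issue or the MicroK8s code) showing the gap the issue describes between 32 hex characters and 32 bytes, with a check that flags already-issued tokens below that size. The function names, `MIN_TOKEN_BYTES` and the sample tokens are assumptions made for illustration.

```python
import secrets
import string

# Assumption: 32 bytes, the size the issue recommends, is used as the audit floor.
MIN_TOKEN_BYTES = 32
HEX_DIGITS = set(string.hexdigits)


def token_bytes_of(token: str) -> int:
    """Return the number of random bytes a hex token encodes.

    Raises ValueError for input that is not an even-length hex string.
    """
    if not token or len(token) % 2 or not set(token) <= HEX_DIGITS:
        raise ValueError("not a hex-encoded token")
    return len(token) // 2


def new_join_token() -> str:
    """Generate a token using the secrets module's default entropy."""
    return secrets.token_hex()


def audit_tokens(tokens):
    """Split tokens into (ok, weak, malformed) by encoded byte length."""
    ok, weak, malformed = [], [], []
    for tok in tokens:
        try:
            size = token_bytes_of(tok)
        except ValueError:
            malformed.append(tok)
            continue
        (ok if size >= MIN_TOKEN_BYTES else weak).append(tok)
    return ok, weak, malformed


if __name__ == "__main__":
    # Constructed sample: one token made the way the issue describes (16 bytes),
    # one with the default size, and one that is 32 characters but not hex.
    sample = [secrets.token_hex(16), new_join_token(), "z" * 32]
    ok, weak, malformed = audit_tokens(sample)
    print(f"ok={len(ok)} weak={len(weak)} malformed={len(malformed)}")
    for tok in weak:
        print(f"weak: {len(tok)} chars = {token_bytes_of(tok) * 8} bits")
```
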
