The problem
Current UX — v0.8.0
‹
Settings — General
Sessions API Token
A 43-char URL-safe token masked in a single-line password input. No way to paste cleanly, no way to test, no feedback on whether it's correct. When empty, the Sessions section just shows a dim error string.
The token is generated by the server: python3 -c "import secrets; print(secrets.token_urlsafe(32))" — 43 chars of base64url. The user has to copy this from a terminal session and paste it into the Android app.
Option A — Clipboard paste + test connection Recommended
State 1 — Empty / prompt
‹
Settings — General
Sessions API Token
43-character token generated on the server. Paste it here to enable the Claude Sessions section in the drawer.
No token configured
State 2 — Pasted, untested
‹
Settings — General
Sessions API Token
Tap "Test" to verify the token connects to your server.
•••••••••••••••••••••••••••••••••••
State 3 — Testing…
‹
Settings — General
Sessions API Token
•••••••••••••••••••••••••••••••••••
State 4a — Connected ✓
‹
Settings — General
Sessions API Token
•••••••••••••••••••••••••••••••••••
Token saved. Sessions will update every 5s in the drawer.
State 4b — Auth failed ✗
‹
Settings — General
Sessions API Token
•••••••••••••••••••••••••••••••••••
Option B — QR code paired flow
3-step QR pairing
1
Open Settings → Sessions API Token → Pair via QR
Argus shows a "Waiting for QR…" overlay with a camera viewfinder.
2
On claude-server-evo, run the pairing command
argus-api pair prints a QR code in the terminal encoding argus-token://<token>.3
Point camera at terminal — instant pair
Argus scans the QR, extracts the token, runs the test connection, and shows State 4a on success.
Camera viewfinder (mock)
Scanning…
More ergonomic for a 43-char token but adds server-side dependency (the argus-api pair command). Good for initial setup, but clipboard paste is faster for re-keying.
Option A vs B — tradeoffs
| Criteria | A: Paste+Test | B: QR Pair |
|---|---|---|
| Zero server-side changes | ✓ | ✗ needs pair cmd |
| No typing a 43-char token | ✓ | ✓ |
| Immediate feedback | ✓ test btn | ✓ on scan |
| Re-key on rotation | Easy paste | Need terminal open |
| Works when clipboard is messy | Depends | ✓ |
| Implementation effort | Low | Medium |
Recommendation: Option A — clipboard paste + test connection. The "Show token" toggle lets the user verify before saving. The "Test" button gives instant confidence. Zero server changes needed. QR can be added in v0.9 as a convenience on top.
When the drawer shows a token error
The Sessions section collapses and shows: "Sessions API requires a token → Configure in Settings" as a tappable link. Deep-links directly to the token field within Settings.
Token field — show/hide states
Masked (default)
Sessions API Token
•••••••••••••••••••••••••••••••••••
inputType=textPassword + custom chip buttons. Border turns green after successful test. Clear button is destructive — requires confirmation.
Revealed
Sessions API Token
argus_d8fK2jLm9Nq3Rp7vXw1Yz4Ba6Ce0Gh5Ij
Orange tint on the field when token is revealed. "Hide" replaces "Show". Info banner warns about screen sharing. Auto-hides after 30s of inactivity.