Security of pipeline logs

I am a user. I make use of the pipelines, but I use a behind-the-firewall runner. I’ve noticed that the raw pipeline logs are accessed without any sort of authentication, but rather using a temporary token.

  1. How long is the token good for?
  2. Is there any other authentication available for these raw logs?

Thank you.