See eg https://github.com/piwik/piwik/pull/8002#discussion-diff-31667646L11 , https://github.com/piwik/piwik/pull/8002#discussion-diff-31667834R29 , https://github.com/piwik/piwik/pull/8002#discussion-diff-31667901R98 , ...
It shouldn't be sent as GET as the token could appear in server logs
See also https://github.com/piwik/piwik/issues/7349 :)
closing in favour of #7349