I would say that UUIDs are secure provided they are of "Version 4" and that they have been generated with a secure random number generator. If this is the case then it will address most of the security concerns. Also V4 UUIDs ensure 122 random bits out of total 128. So, the probability that an attacker guesses your token correctly is very less. Therefore, the bottom line is check how UUIDs are generated in your code and if they are of V4.