PIR authentication token limit

[ameshkov]

It seems that iOS and macOS 26 has a limit on pirAuthenticationToken which is not documented anywhere:
https://developer.apple.com/documentation/networkextension/neurlfiltermanager/setconfiguration(pirserverurl:pirprivacypassissuerurl:pirauthenticationtoken:controlproviderbundleidentifier:)

When I try to use a token that's longer than 8 characters, it just does not even attempt to contact the privacy pass service and obtain tokens from it.

Could you please confirm this behavior? Are there any other limitations?

[karulont]

I can confirm, that an invalid user token means that the system skips trying to obtain a privacy pass token.
However, it is unclear why your token is considered invalid.

Initially we supported only valid base64 encodings as tokens, but we should have removed that limitation to support things like JSON Web Token.

If we are still accepting only valid base64 encodings, then this is a bug.

[ameshkov]

It seems the limitation is still live on devices.

Anyways, base64 encoded values do work, thank you for the information!