Future roadmap for APNs token authentication: Granular app-scoped keys and ephemeral tokens?

"The introduction of team-scoped keys is a fantastic step forward for tightening security and isolating responsibilities within larger development organizations. However, as infrastructure moves closer to Zero Trust architectures, managing these keys across decentralized microservices or CI/CD pipelines still presents challenges.

I have two questions regarding the long-term roadmap for APNs authentication:

1. App-Level Scoping: Are there plans to allow authentication keys to be scoped down to specific App IDs (Bundle IDs) rather than the entire team? Currently, a compromised team-scoped key could still potentially impact other apps within the same developer account.
2. Short-lived / Ephemeral Tokens: Is Apple considering support for short-lived, dynamically generated authentication tokens (similar to AWS IAM roles or OAuth 2.0 client credentials with expiration) to eliminate the need for storing long-lived .p8 master keys on third-party backend servers?

Understanding the direction of APNs security would greatly help us architect our next-generation notification backend."
Replies
1
Boosts
0
Views
83
Activity
5d