@Engineer Thank you for the response. I can see that the correct url is being used. The url for the server is https://myurl.com:443. For the ILMessageFilterExtensionNetworkURL I'm setting https://myurl.com I see this logging occurring: default 12:51:36.443361-0800 com.apple.IdentityLookup.MessageFilter Using URL https://myurl.com for network request default 12:51:36.444025-0800 com.apple.IdentityLookup.MessageFilter Got SWC details for specifier { s = messagefilter, a = MV8J9D3236.com.myAppBundle, d = https://myurl.com } error 12:51:36.444103-0800 com.apple.IdentityLookup.MessageFilter Extension's containing app (appID MV8J9D3236.myAppleBundle) unauthorized to defer requests to host https://myurl.com Within the app's and extension's associated domains has https://myurl.com?mode=developer specified (as the url isn't public). On app installation, I don't see swcd logging any errors. But I'm still seeing networkURLUnauthorized when the extension defers to network. The server url is https://myurl.com:443, I don't know if the port needs to be specified in the domains and ILMessageFilterExtensionNetworkURL or not, however I've tried it both ways and it doesn't make any difference. Any other suggestions of things to look at? thank you

In the associated domains section of the app I have tried every possible combination: https://something.com:443?mode=developer https://something.com?mode=developer something.com:443?mode=developer something.com?mode=developer The device is in developer mode and in the server's apple-app-site-association file the app's team id.bundle is specified. I still keep getting Network URL Unauthorized when the message filter extension calls deferQueryRequestToServer(). What else can I try?

I'm not understanding how App Attest could be used in an app extension when the documentation for it states: "Important. Most app extensions don’t support App Attest.....The only app extensions that support App Attest are watchOS extensions in watchOS 9 or later. " (https://developer.apple.com/documentation/devicecheck/establishing-your-app-s-integrity) I don't understand therefore how its being suggested it could be used for a message filtering extension when its documentation says app extensions don't support it?

@Kevin Elliott Sorry I should have clarified that. No I don't mean a Voip call I mean a regular call. For example, identifying information about the caller might be in the P-Asserted-Identitiy field, or an image might be specified in the Call-Info header (with purpose=icon). So I was wondering, for example suppose a call arrived and P-Asserted-Identity was empty but Call-Info contained an icon, and LCID returned a name but no icon, then would the OS combine the icon from Call-Info with the name from LCID to display a name and an icon?

Are you looking for a solution in Swift or Objective-C to this sharpness?

@eskimo, in that video you reference, he says there are three ways to avoid the prompt being displayed and lists what they are but then only goes on to talk about the 3rd of the three. I don't understand what is meant by the first two ways: Edit Options, and Keyboard Shortcuts. What is meant by these, and how do they avoid the prompt being displayed?