As I see that it's not possible to provide a prompt for the application password or have any kind of UI apart from biometrics in the persistent token extension from here: https://developer.apple.com/forums/thread/131694?answerId=416382022#416382022.
- Is there a way to get the details of the consumer application requesting service from the Persistent token extension?
- Is there a way to whitelist applications as only those applications can access the service from the extension?
- Also can we block the use of keys hosted by a managed app from an unmanaged app?