https://developer.apple.com/documentation/cryptotokenkit/authenticating_users_with_a_cryptographic_token states that a token extension needs to be registered by executing its hosting app as the _securityagent user. This unfortunately does not work for me: Launching my hosting app as described in the documentation does not register the token extension. Also I get the following output from the hosting app when executed as _securityagent:
"*Forcing* IMK Distributed Objects (not XPC) in App = myHostingApp, euid=92"
Launching my hosting app as the current, "normal" user causes the token extension to be registered just fine and except smart card logon every functionality you would expect from a token (pairing with user, unlocking system keychain etc) is available and functional.
Did somebody else encounter this issue as well?