Use persistent tokens in Apple devices
For devices with iOS 14, iPadOS 14, macOS 10.15.4, or later, the CryptoTokenKit framework has been extended and includes support for always-available tokens, which are referred to as persistent tokens. Persistent token support is intended for accessing tokens from hardware security modules (HSMs), available using near-field communication (with the CoreNFC API), Secure Enclave, or other network accessible locations. In this use case, a token hosting application allows the system to address and use available tokens, address and use identities available by accessing tokens, and to access additional configuration information about tokens.
Persistent token support requires the use of a third-party helper app to present token configuration to applications and services. iOS and iPadOS support for third-party apps requires a keychain entitlement referencing com.apple.token.