We've had the Unwanted Communication Extension working since iOS 12 beta v1 in June, sending reports via SMS, but the Apple documentation was recenly updated to show the ILClassificationAction can now be sent via Network (instead of SMS). We updated ILClassificationExtensionNetworkReportDestination in the info.plist and setup a test API endpoint with the Association File.
We are now able to file reports via Network request exectued by the OS, however the test api endpoint is a non authenticated endpoint. In production the API endpoint will require an auth token be included in the request. There is nothing in the documentation on how to do this.
Does anyone know how to add auth headers or dynamic url paramters to the network request executed by the OS after the user selects a ILClassificationAction?