Connection Authorization Tokens (CAT) are required to authenticate a VPN connection. They are very similar to Subscription Receipt Tokens but have a much shorter lifetime of usually only 3 days.
Internally the SDK will refresh the CAT automatically when needed and there is no way to force-refresh it. The CAT will contain all VPN related entitlements aka the brand.vpn entitlement and the server will use the entitlement details to authenticate the connection.
Connection Authorization Tokens are anonymous, as they lack user or subscription IDs. This ensures the VPN server cannot identify the connected customer.
Search options and search result
This token type only supports the subscription id parameter for both the search options and search results.
How to use a Connection Authorization Token
This is a token which you will use frequently. You will fetch it from the SDK and use the raw token value as an authentication parameter to a Lightway VPN Connection or to request a WireGuard Session Token.