How do I get authid within ApplicationSession?

Hi there, I have my router/realm/role set up to disclose both caller and publisher but I am unable to get authid when one ApplicationSession calls another through the router. I asked this question before in 2019 and the answer I got back them was to use an on_join like the following:

def on_join(self, session, details=None):
self._session = session
options = RegisterOptions(details_arg=‘details’)
session.register(self.tw_b_desktop_query, u’biz.site.tw_b_desktop_query’, options)

And then by accessing options.caller_authid I was able to get the ID but with ApplicationSession this does not seem to work and all of the client demos seem to use ApplicationSession. I have a dynamic authenticator and have tried passing back both ‘details’ and ‘extras’ with the authid and nothing seems to work.

Does anyone know how authid can be obtained now? Without this I cannot trust that my DB lookups in the back end call registrar are secure.

Just an addendum to the above post. I was able to get the aforementioned solution working. It uses a native Container object, and I did dig up the method to make it work with wampcra; so this would be an adequate solution for me for now.

However, I am still confused about how to use ApplicationSession, or what the benefits would be of ApplicationSession versus the native container. With ApplicationSession I had to provide a challenge function and with this method it seems to work without one? I find that curious.

“Container” is a newer API and provides authentication implementations based on passed-in configuration (or you can add them programmatically too). Using ApplicationSession “directly” is just a bit older implementation and I guess more “lower level”. And yes you need to provide your own onChallenge method in that case.