I'm able to get the new token-based push working (without using certificates) just fine with normal push notifications and using a simple node.js file for the backend.

But, I can't get it to work with VoIP push. I've tried just using the token derived from PushKit - creditials.token but I always get a 400 error.

I can't seem to find any info on this online. Just the mention from WWDC that token-based auth could also be used for VoIP push.

I used the description from http://gobiko.com/blog/token-based-authentication-http2-example-apns/ to send token-based push notifications with python.

It worked well with normal push notifications, but when I tried a voip token instead of my normal push token, I also got a 400 error code. In the error description it said {"reason":"TopicDisallowed"}. Here, I had set my bundle id as apns-topic. I could fix the error by appending .voip to the bundle id.

Note that the voip notifications are silent notifications. Further, if you want to send a complication, according to https://www.foraker.com/blog/pushing-data-to-apple-watch-complications-with-pushkit you should try to append your bundle id with .complication instead.