Certain AirPlay 2 devices, including recent Sonos devices and the Airport Express, require a "POST /auth-setup" message to be sent before ANNOUNCE, otherwise it will return 403 and prevent the device from working. On current pipewire builds, this results in a "missing Session header" message and the device will be accessible through pipewire, but will not play any audio. Devices that will fail without auth_setup contain a TXT record with field et set to 4 which is how I check whether or not to make the request. The auth-setup message has a content body of 33 bytes in which the first byte indicates whether or not the sender wants encryption (0x01 for no encryption, maybe 0x10 for encryption) and the remaining 32 bytes are a Curve25519 public key regardless. Sonos devices accept 32 zeroes, although some devices including the Airport Express complain if it is not a valid key, even if it isn't being used. I use a constant magic public key generated by someone on this thread (HERE), although you could use the method outlined in https://github.com/owntone/owntone-server/issues/557#issuecomment-417825397 to generate the public/private key pair yourself, which I haven't done. The response of the message is 1076 bytes long and, as far as I'm aware, doesn't provide any useful information so it can be discarded. This information was taken from the https://github.com/owntone/owntone-server/issues/557 thread. Unfortunately, these changes along with other open-source AirPlay2 implementations don't fix the problem and instead of 403, I receive a 500 Internal Server Error.