We are developing an app that can receive silent push notifications. Upon receiving the notifications, the app gets put into the background and executes some code. During this code execution the app needs to access an item in the keychain that is protected with the protection level kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly. According to this SO post (Does iOS start app in background after reboot if remote-notification defined in UIBackgroundModes and new push notification comes?) and Apple's app lifecycle diagram, an app is in the not-running state after a device reboot and can therefore not be put into the background until the user has launched it into the foreground at least once.
However, Apple also provides the protection level kSecAttrAccessibleAlways. If an app can only run in the background after it has first launched, what's the purpose of the kSecAttrAccessibleAlways attribute? Wouldn't the user first have to unlock the device in order for the app to be able to run in the background? In what cases can apps run after a device reboot but before a user has unlocked the device? Apple also provides the protection level NSFileProtectionCompleteUntilFirstUserAuthentication for files in the app's sandbox container. In what situations would apps even be able to attempt to access their files before a user has unlocked the device after a reboot? Any insight into this is greatly appreciated, thank you.