UserIdentityToken is not set on ActivateSessionRequest objects
Various servers like Milo or open62541 refuse ActivateSession requests if the UserIdentityToken is not set to a valid object. I'm not 100% sure what the spec says on that case, but setting it doesn't cost much and brings us better interoperability.