Authentication in websocket connections

aliakhtar · May 11, 2019, 1:18pm

In websockets its not possible to send an authorization header, so I’ve had to resort to sending in the authention token as a query param to the websocket URL. But, is there a directive to handle the authorization, which doesn’t rely on the header? Or another way to authenticate websocket connections?

johanandren · May 17, 2019, 7:53am

In websockets its not possible to send an authorization header …

Are you sure about that? I had this old sample of Basic Auth and WebSocket laying around: Akka ticket #19689 · GitHub

Didn’t test it now but I think it should work fine.

aliakhtar · July 4, 2019, 1:53pm

@johanandren Pretty sure: https://stackoverflow.com/questions/22383089/is-it-possible-to-use-bearer-authentication-for-websocket-upgrade-requests

aliakhtar · July 4, 2019, 1:53pm

It may have worked in unit tests but wouldn’t work in actual browser based websockets

johanandren · July 11, 2019, 6:15am

Thanks for linking that back, sounds like a parameter is the way to go from that SO answer.

Topic		Replies	Views
Akka HTTP WebSocket server not recognizing upgrade request Akka akka-http , websockets	3	1187	July 24, 2020
Checking an API key in the authorization header? Akka HTTP	1	1445	September 30, 2018
Websocket messages Akka HTTP websockets	10	1647	October 7, 2021
Websocket Reconnect/Retry - Is it Possible Akka HTTP akka-http , websockets	2	1662	April 7, 2022
Akka HTTP Client failing OAuth 1.0 Auth header call Akka HTTP akka , akka-http , java	3	772	February 25, 2022

Authentication in websocket connections

Related Topics