Android app: pass API key token on WebSocket connection #2

New issue

Closed

opened 2026-02-15 17:32:34 -05:00 by benjamin.long · 1 comment

benjamin.long commented

2026-02-15 17:32:34 -05:00

Owner

Problem

The server now requires authentication on the WebSocket endpoint (/ws/{device_id}). A token query parameter with a valid API key must be provided, otherwise the connection is closed with code 1008.

The Android app currently connects without a token, so real-time push notifications (new message alerts, delivery status updates) are broken. SMS sending and receiving still work since those use authenticated HTTP endpoints.

Fix

In WebSocketManager.java, the initialize() method builds the URL as:

wss://domain/ws/{deviceId}

It needs to include the API key:

wss://domain/ws/{deviceId}?token={apiKey}

The apiKey is already available in the app (used by SmsApiClient for REST calls) — it just needs to be passed into WebSocketManager.initialize() and appended to the URL.

Labels

android, server

## Problem The server now requires authentication on the WebSocket endpoint (`/ws/{device_id}`). A `token` query parameter with a valid API key must be provided, otherwise the connection is closed with code 1008. The Android app currently connects without a token, so real-time push notifications (new message alerts, delivery status updates) are broken. SMS sending and receiving still work since those use authenticated HTTP endpoints. ## Fix In `WebSocketManager.java`, the `initialize()` method builds the URL as: ``` wss://domain/ws/{deviceId} ``` It needs to include the API key: ``` wss://domain/ws/{deviceId}?token={apiKey} ``` The `apiKey` is already available in the app (used by `SmsApiClient` for REST calls) — it just needs to be passed into `WebSocketManager.initialize()` and appended to the URL. ## Labels android, server