A modern programming language that makes developers happier.

kotlinlang

What would be the best way to handle JWT authentication for WebSocket routes in Ktor (possibly still making use of the io.ktor:ktor-server-auth-jwt plugin, which unfortunately only supports the token being provided in the `Authorization` header following the `Bearer` scheme)?
Header-based auth isn't profitable in the case of WebSockets, as the clients don't usually expose methods to provison such headers during the preflight HTTP request (in accordance to the WS standard)

You can configure the JWT auth to read the token from other parts of the request with the `authHeader`  configuration method. See <https://stackoverflow.com/a/75016214/13963150|this answer> for an example.