[SOLVED] Connect to MWS with Authorization

  • Hello everybody,

    I am creating an app with access to EDS which works pretty nice so far. I can log in, modify data and can see it in the client.

    I also have implemented access to MWS so the client gets notified when the data changed and then the client requests the data. All this works!

    At the moment I have 2 collection on which I wanted to use access control.

    First I changed only the first to have a comparisson:
    Collection_A: only the creator is allowed to RUDA
    Collection_B: everyone is allowed to R, creator is allowed to RUDA

    the collection permissions aren't restricted.

    My problem is the implementation of access control policies.
    It was no problem to create the login and restrict the access to the objects, but the MWS didn't notify the client anymore.
    I looked in the "API documentation":https://developer.qtcloudservices.com/mws/rest/v1/get_websocket_uri and tried to add the Authorization header with the access token I received from the login request. But the client received only updates on the collection which is accessible for all. When I tried a root access token to EDS the client didn't receive any notifiaction anymore.

    I added the header like this (worked with the data query in EDS)
    @request.setRawHeader("Authorization", "Bearer <access_token>");@

    "Here":https://developer.qtcloudservices.com/mws/key-concepts/security-authentication it says it should work with the EDS tokens.

    Has anyone an idea what I am doing wrong?

  • cid:52:privileges:purge


    I turned out there was a minor bug in the system. It is now fixed and authorized clients will receive WebSocket messages correctly.

    Here are instructions how you can test this feature in your browser's console:


    • choose 'Enginio' from MWS instance's Access Management Control options and set permissions as
      "read": [
      "write": [


    MWS Client

    @var mwsUri = "https://mws-eu-1.qtc.io/v1/gateways/{MWS_GATEWAY_ID}"
    var ws;

    function connectToWebsocket(options) {
    url: mwsUri + "/websocket_uri",
    headers: {
    "Authorization": "Bearer {EDS_ACCESS_TOKEN}"
    success: function(response) {
    // connect to websocket using returned uri
    if(ws) {
    ws = new WebSocket(response.uri)
    ws.onopen = options.onopen
    ws.onmessage = options.onmessage
    error: function(response) {
    console.log("Ooops! Something went wrong!", response.responseText)

    onopen: function(event) {
    console.log("Connected to websocket");
    onmessage: function(event) {
    console.log("Received message: " + event.data)

    EDS client

    • create a new object with authorization

    @var todo = {title: "test EDS WebHook with Authorization"};

    url: "https://api.engin.io/v1/objects/todos",
    headers: {
    "Enginio-Backend-Id": "{EDS_BACKEND_ID}",
    "Authorization": "Bearer {EDS_ACCESS_TOKEN}"
    type: "POST",
    contentType: "application/json; charset=utf-8",
    crossDomain: true,
    dataType: "json",
    data: JSON.stringify(todo),
    success: function(response) {
    error: function(response) {
    console.log("Ooops! Something went wrong!", response.responseText)

    After creation, WebSocket client should receive message if both MWS and EDS clients use the same access token.

  • Yes it works now.

    Thank you very much!

Log in to reply

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.