How to Add Authentication
Room Service uses short-lived session tokens. If you want allow a user to do something in Room Service, you need to create a new token for them. Tokens last for 6 hours and each token is associated with permissions that the user is allowed to do during that session.
In order for the browser clients to open a connection to Room Service, you'll need to give it this token.
The most common way to do this is to create an "Auth Webhook" that the browser client can call whenever it tries to connect to a room. That's just a POST endpoint on your server that provisions a new token for a user and returns it back to the browser. Let's walk through an example of how this is done.