That has been deprecated.
You can't send user:pass in a ws header. The server only accepts wss I believe too.
I also can not use the third party login documentation. The /rest endpoints all have CORS enabled. Which only leaves me the option to use me backend (node). But that's only the backend.
I have 0 problems consuming the vodia API in the backend.
I can't set a cookie "session=sessionId" across domains. So using the session cookie is not an option.
I tried to use an iframe and set it to hidden. Then I make a call to the backend.
I get a session id and then send the session id to /rest/system/session - name:'session', value:sessionId all from the backend. When it returns true, then I set the iframe src to https://pbx.com/welcome?session=sessionId and nothing happens. It doesn't auto login. I have the cookie from the pbx domain, but its a cross domain cookie. So the WebSocket library will not send cross domain cookies.
There needs to be a clientSecret, or websocketSecret or something like that setup on vodias end. Something we generate in the admin panel. Then we can use socket.io-client to consume the vodia websockets by passing the auth in the handshake.query options.
There is currently no available option to use websockets and would LOVE to see a real example of this working. Because as it is now, it is impossible to use cross domain cookies.