Xano Realtime | RealtimeAuthToken present in localStorage but WebSocket connects as anonymous

Context: Stack: WeWeb + Xano Auth plugin + Xano Realtime

Problem: The RealtimeAuthToken is correctly stored in localStorage (same value as AuthToken), meaning the user is authenticated via Xano Auth plugin. However, when WeWeb opens a Xano Realtime channel, the WebSocket connection is treated as anonymous by Xano — resulting in the error: "Anonymous clients cannot join this channel" when “Anonymous Clients” is unchecked in Xano Realtime channel permissions.

Steps to reproduce:

1. User logs in via Xano Auth plugin → isAuthenticated: true, RealtimeAuthToken present in localStorage
2. Xano Realtime channel configured with “Anonymous Clients” unchecked
3. WeWeb workflow triggers Realtime | Open channel
4. WebSocket join fails with "Anonymous clients cannot join this channel"

Expected behavior: WeWeb should automatically pass the RealtimeAuthToken as auth token during the WebSocket connection/channel join, since it’s already available in localStorage.

Workaround: Checking “Anonymous Clients” in channel permissions allows the connection, but removes the ability to use auth_table/auth_id targeting in api.realtime_event for user-specific broadcasts.

Reference: Similar issue reported here without resolution: Xano Realtime | Open Channel with auth

Capture d’écran 2026-06-03 à 00.54.532240×150 33.1 KB

Please could we check this together and fix it possibly ?

Thank you so much an advance.

@Joyce

Hey @TOoms

Are you using different Xano branches / data sources by any chance?

We fully support private channels, which are synced with the Xano Auth plugin, but Xano only supports tokens from the live data source so that could explain the issue.

If not, can you reach out to support in the private chat so they can take a look at your project specifically?

Hey,

had similar issue. I was able to resolve it by reconnecting Xano auth plugin.