I have local web app that connects to SignalR using webSocket at wss://mysubdomain/messages on my remote server.
Access to the server is carried out using a zero trust tunnel with public hostname https://mysubdomain.
If that URL doesn’t have an “access → application” policy configured, I can connect to SignalR webSocket.
But when access policy in configured, webApp catch the error “Error: Failed to start the connection: Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.”
Access config has 2 allow policies:
All users that login Azure Add;
Service Token. (used by webApp to API request );
and in “settings” has allow all origins, methods and headers.
With this access policy, the web application can successfully request the API, but an attempt to connect to the webSocket returns an error.
How to configure access policy to work with signalR gj to websocket?
Thank you for the quick response.
In client option “skipNegotiation” set on “true”. i.e. client skips negotiation when connecting to server.
In console i get:
“WebSocket connection to ‘wss://mysubdomain/messagehub/messages’ failed:”
“Error: Failed to start the connection: Error: WebSocket failed to connect. The connection could not be found on the server, either the endpoint may not be a SignalR endpoint, the connection ID is not present on the server, or there is a proxy blocking WebSockets. If you have multiple servers check that sticky sessions are enabled.”
Alright so I found a solution to my problem, emphasis on my because I’m not sure if this is going to work for everyone else, turns out it was NGINX blocking some headers and that the Connection header needs to be “upgrade”. I had to go to the NGINX configuration file and add this block inside a server block