If you have security activated for your Realtime application key each connection must use an authenticated token.

This authentication token will ensure that only authenticated users will have access to your channels according to the permissions you have given them (read/write and access presence data).

However before they can use their token you must authenticate it through the REST API.

You can find all the required steps to authenticate a token at http://messaging-public.realtime.co/documentation/starting-guide/security.html

Did this answer your question?