resumeToken is ignored

We’re integrating RocketChat in our application. We were able to use the Iframe authentication approach, but it’s not exactly perfect for our needs, ideally we need authToken transmitted in the URL when opening RocketChat tab/window.

We’re getting authToken via REST API, and we’ve attempted to use resumeToken approach mentioned at:

But that doesn’t seem to work, we’re only getting a login page. We’re able to log in using the same token by entering this in console:

localStorage.setItem('Meteor.loginToken', '...');

So the token itself looks valid. Are we maybe missing a configuration option to enable the use of resumeToken?

We’d highly appreciate all the help.

Hi.

Isn’t that effectively a GET? I’m not sure that is very secure?

I think most API calls require a POST for security?

Someone may pop along later with some more info.