Difficulty authenticating websocket connection

I am trying to create a front-end to the rancher logs on my website. I have a valid Rancher token and I’m trying to set it in a cookie to be sent with the wss request. But since my website is in one domain and the rancher is on another, I can’t send the cookie. Is there any other way I can send the token and be authenticated? (CORS is enabled in the rancher domain. I am building an ember application and using the browser built-in websocket client, no library)

No, you cannot set a cookie for an unrelated domain, or send arbitrary headers with the native websocket client. Or make any non-GET API calls to Rancher in general, even if you had CORS setup. All these restrictions exist for various good reasons.

The simplest thing to do is make a proxy, where your frontend talks to a service running on your domain which makes the request to Rancher and gives the response back to the browser request. Our ember UI actually contains one for development that you can more or less copy. https://github.com/rancher/ui/blob/master/server/proxies/api.js