If true, then clients can authenticate their WebSockets by sending a valid JWT.
true
final bool allowAuth;