diff --git a/resources/prosody-plugins/mod_auth_token.lua b/resources/prosody-plugins/mod_auth_token.lua
index fb0df1a6e..752351456 100644
--- a/resources/prosody-plugins/mod_auth_token.lua
+++ b/resources/prosody-plugins/mod_auth_token.lua
@@ -17,8 +17,8 @@ local provider = {};
 
 local host = module.host;
 
--- Extract 'token' param from BOSH URL when session is created
-module:hook("bosh-session", function(event)
+-- Extract 'token' param from URL when session is created
+function init_session(event)
 	local session, request = event.session, event.request;
 	local query = request.url.query;
 
@@ -30,7 +30,10 @@ module:hook("bosh-session", function(event)
         session.jitsi_bosh_query_room = params.room;
         session.jitsi_bosh_query_prefix = params.prefix or "";
     end
-end);
+end
+
+module:hook("bosh-session", init_session);
+module:hook("websocket-session", init_session);
 
 function provider.test_password(username, password)
 	return nil, "Password based auth not supported";