Pusher provides mechanisms for both authenticating and authorising users. Our definition of this is that the former identifies who a user is, while the latter controls access by a given user to specific resources.
Since your servers are the authority on who your users are and what they can access, PusherListener web block and actions make callbacks to PusherChannelsAuth_API endpoints to supply signed authentication and authorisation tokens for the bearing user.
The Pusher Server API Auth (Channels) forge component needs to be installed to enable this functionality. With the forge component installed the required authorisation and authentication method can be selected on the the StartPusherConnection action which is found in the core widget module of the Pusher Client React (Channels) and Pusher Client Traditional (Channels) forge components.