The Extension front end will make a HTTP whatever to your Extension EBS.
The Extension EBS will then grab the JWT and then from there you can do what you want
I use the prefix of “Bearer” in my authorization header from Front end to EBS as thats my preference, but it’s the Extension JWT not an oAuth token.
The Ajax part of the example extension is making a call from the HTML/JS/CSS Extension frontend to the extension backend
Sure an extension front end can make a websocket connection to a Extension back end, as long as that socket is over SSL