diff --git a/jvb/src/main/java/org/jitsi/videobridge/websocket/ColibriWebSocketServlet.java b/jvb/src/main/java/org/jitsi/videobridge/websocket/ColibriWebSocketServlet.java
index faf8052ebd..f4da87153d 100644
--- a/jvb/src/main/java/org/jitsi/videobridge/websocket/ColibriWebSocketServlet.java
+++ b/jvb/src/main/java/org/jitsi/videobridge/websocket/ColibriWebSocketServlet.java
@@ -23,6 +23,7 @@
 import org.jitsi.videobridge.websocket.config.*;
 
 import java.io.*;
+import java.net.URLDecoder;
 import java.util.*;
 import java.util.stream.*;
 
@@ -149,7 +150,7 @@ private ColibriWebSocket createWebSocket(
 
         Endpoint endpoint = (Endpoint) abstractEndpoint;
         String pwd = getPwd(request.getRequestURI().getQuery());
-        if (!endpoint.acceptWebSocket(pwd))
+        if (pwd == null || !endpoint.acceptWebSocket(pwd))
         {
             response.sendError(403, authFailed);
             return null;
@@ -173,15 +174,34 @@ private ColibriWebSocket createWebSocket(
      */
     private String getPwd(String query)
     {
-        // TODO: this only deals with the simplest case.
-        if (query == null)
-        {
-            return null;
+        try {
+            Map<String, List<String>> parametersMap = splitQuery(query);
+            if (parametersMap.get("pwd") != null){
+                return parametersMap.get("pwd").get(0);
+            }
+        }catch (UnsupportedEncodingException e) {
+            e.printStackTrace();
         }
-        if (!query.startsWith("pwd="))
-        {
-            return null;
+        return null;
+    }
+
+    /**
+     * Converts query string to Map<String, List<String>> format. Supports multiple parameters with the same key.
+     * @param query query string
+     * @return parsed list
+     */
+    public static Map<String, List<String>> splitQuery(String query) throws UnsupportedEncodingException {
+        final Map<String, List<String>> query_pairs = new LinkedHashMap<>();
+        final String[] pairs = query.split("&");
+        for (String pair : pairs) {
+            final int idx = pair.indexOf("=");
+            final String key = idx > 0 ? URLDecoder.decode(pair.substring(0, idx), "UTF-8") : pair;
+            if (!query_pairs.containsKey(key)) {
+                query_pairs.put(key, new LinkedList<>());
+            }
+            final String value = idx > 0 && pair.length() > idx + 1 ? URLDecoder.decode(pair.substring(idx + 1), "UTF-8") : null;
+            query_pairs.get(key).add(value);
         }
-        return query.substring("pwd=".length());
+        return query_pairs;
     }
 }