What are the best practices to follow while embedding Webchat Widget in a website ?

HI, I have gone through the documentation provided in Cognigy site on embedding Webchat Widget on websites.

For Eg: in order to embed a trial end point in a website all I have to do is add below script. And the endpoint URL& token differs based on the organization(endpoint.abc.com).

<scriptsrc="https://github.com/Cognigy/WebchatWidget/releases/download/v2.20.0/webchat.js"></script>

<!-- Initialize the Webchat towards a Cogngiy Endpoint via initWebchat() -->

<script>
initWebchat(
);
</script>
In my scenario ,once user login to our application after successful authentication the web page will initiate Webchat.

And if someone/attacker use this script and endpoint details in other web application they can also spin up the whole Chat Widget and can establish connection to our  Cognigy AI instances  by pass whole authentication mechanism.

How can we restrict this  is there any authentication/tracking mechanism I can place before executing the flow to check if the request is coming from my site not from any attacker?

Didn't find what you were looking for?

New post
Was this post helpful?
0 out of 0 found this helpful

Comments

1 comment

Please sign in to leave a comment.