I’d like to use Rasa with my own chat widget. I used REST API and it works fine. Now I am concerned about security - since REST API needs to be exposed to outside world to enable exchanging messages between my widget and Rasa, it is now open to anyone who might use API to manipulate my chatbot.
Maybe I missed something in docs, but I couldn’t find a way to only expose part of the API needed to chat, not other stuff used for administration etc.
If you are also using REST API, how to you protect yourselves?