We have a multi-tenant API. Clients are identified and secured by client SSL certificates. User identification is via JWT tokens.
We are implementing a Rasa chatbot for one of our clients. We want to add a webhook endpoint to our API to act as the custom action server.
Therefore can we:
- apply a client certificate to the request between rasa core and our action server.
- pass a JWT token between rasa core and our action server to securely identify the user.
It is not clear if this is possible without modifying the rasa source.