Socket IO with jwt authentication


According to the installation doc I’ve installed rasa and initialized a new rasa assistant. I would like to communicate with the chatbot using I followed the instruction according to Websocket Channel doc. Until this point worked everything as I expected.

I wanted to add a jwt token auth to the websocket channel. So I’ve added to credentials.yml file a jwt_key:

  user_message_evt: user_uttered
  bot_message_evt: bot_uttered
  session_persistence: false
  jwt_key: T06blf6GQKBBKifmpnGdkXC2qzqbo6q3

I’ve generated a jwt token using this key using an online generator page:

I send this token with according to their doc. That works.

But when I send a fake token or even just not sending anything regarding authtentication it is still accepted and the connection is established. Could you please help me, what is missing from my config to have an safe websocket channel with jwt authentication.

Thanks in advance

@SzabolcsG can you explain how did you construct your payload that you send from webchat to bot