Next.js Discord

Discord Forum

Chatbot as a service security

Unanswered
Giant resin bee posted this in #help-forum
Open in Discord
Giant resin beeOP
I am building a chatbot-as-a-service using vercel ai sdk where clients can set up a chatbot and get an <iframe> code to embed on their website. The problem is that anyone can copy this <iframe> code and use it on their own site.

Even if I set up CORS, request headers can be modified before sending the request, making it possible to bypass restrictions. What’s the best way to securely allow only authorized websites to use the chatbot?

0 Replies