Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix for 401 Unauthorized #15

Open
wants to merge 5 commits into
base: main
Choose a base branch
from

Conversation

SebastianMaierOfficial
Copy link

This is my fix for #10 - I'm uncertain if it is the intended way because the API key is visible in the frontend code.

@HenryHengZJ
Copy link
Contributor

hey @SebastianMaierOfficial thanks for the PR!

The reason I didn't add the ability to include API Key in the first place is because if doing so, user will then be able to inspect the network tab and get your API key. So its generally recommended to not assign any API key to the chatflow you are trying to embed.

Its right that you still can't prevent people from spamming your chatflow (because its now public, anyone can access). But exposing API key has much higher risk.

@SebastianMaierOfficial
Copy link
Author

hey @SebastianMaierOfficial thanks for the PR!

The reason I didn't add the ability to include API Key in the first place is because if doing so, user will then be able to inspect the network tab and get your API key. So its generally recommended to not assign any API key to the chatflow you are trying to embed.

Its right that you still can't prevent people from spamming your chatflow (because its now public, anyone can access). But exposing API key has much higher risk.

I totally agree, but the chat was not working at all for me without the API key ;)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants