INTG: Public-facing no-auth chat interface backed by an admin-designated space #23
Comments
|
I feel this feature could be a great selling point / conversation opener that people can relate to. It's a core differentiator, but an answer/defence to secondary needs. Re: the security risk - worse case a customer could run a second instance just for this if they feel like they need even more layers to prevent leak. But if we get the Space based partitioning right (all the way down and across the stack, like indexes, prompt history storage etc.) and the permissions + audit trail on top 👌🏾 then customers should feel like they need to. I'm assuming the model doesn't "remember" and leak across the Space boundary (this is the bit I don't understand enough yet to have confidence). |
|
This should be embeddable to any website, therefore it's likely to be a JS widget. There're many existing examples of such chatbots. |
|
Would an iframe work for now? depends on the setup of the site we are embedding into I think. For a JS widget we'll need the API etc. which is just more work out the gate before the gate before validating. |
|
I think it's a good idea to put something together without the APIs. May still need some js trickery to get the intercom-like button up and running; iframe is just one of the ways among others. |
Noted |
|
|
|
I'm building another layer between users (authenticated or not) and spaces - I call it engagement. The idea is that engagement:space is 1:N to start with, as a flexible layer to handle space unions in a persistent form, i.e., can be saved in persistence storage and retrieved back later. Then it can be assigned to either users or groups internally, as a shortcut if you like; or assigned for public access, more to build customer front applications such as CS chatbots etc. while not tightly coupled with a single space. |
Okay, I'll suspend working on thisfor now until you are done with this. |
|
@osala-eng you are no longer blocked on this one right? |
No longer blocked, currently working on it. |
Is your feature request related to a problem? Please describe.
There're cases where a business would offer external people (partners, customers etc.) access to a certain portion of their data, usually already publicly accessible such as product literature and knowledge base.
This feature would extend the organisational data's use beyond internal applications.
However see the context below for the potential pushback.
Describe the solution you'd like
Just like #14 this can be piggy-backed to #22 or build something quick before the API-support is available.
See RFC for the backend in #57
Describe alternatives you've considered
N/A
Additional context
The pushback for NOT implementing this feature is mainly for the absolute guarantee of data security, as this opens doors for misconfigured private spaces being used as the data source for the public-facing chat interface. Although it'd be a user error, it's Docq that has this feature to allow it to happen. This is the reason to be cautious about this feature.
The text was updated successfully, but these errors were encountered: