Is your feature request related to a problem? Please describe.
When we configure Allowed Origins with our specified domains, it restricts access for other domains. However, if the bot can be accessed directly via URL, it remains open to everyone. This means that while the restriction effectively prevents external sites from embedding the bot, it does not stop unauthorized access through direct links.
Describe the solution you'd like
I recommend adding an option or toggle in either the Security Settings or Share tab that allows us to control whether the bot can be accessed directly via URL. This feature would help prevent unauthorized access to the bots.
Describe alternatives you've considered
At present, I don't see any alternative solutions to address this issue. Even when embedding bots in an iframe, users can right-click and inspect the element, revealing the bot's URL, which can then be easily copied and accessed by anyone.
Is your feature request related to a problem? Please describe. When we configure Allowed Origins with our specified domains, it restricts access for other domains. However, if the bot can be accessed directly via URL, it remains open to everyone. This means that while the restriction effectively prevents external sites from embedding the bot, it does not stop unauthorized access through direct links.
Describe the solution you'd like I recommend adding an option or toggle in either the Security Settings or Share tab that allows us to control whether the bot can be accessed directly via URL. This feature would help prevent unauthorized access to the bots.
Describe alternatives you've considered At present, I don't see any alternative solutions to address this issue. Even when embedding bots in an iframe, users can right-click and inspect the element, revealing the bot's URL, which can then be easily copied and accessed by anyone.