Modifying the chatbot
Only the Developer Access Token has the rights to modify the chatbot's behavior. That is, if you wish to add, update or delete intents and entities, you need to use the Developer Access Token.
It is therefore much more important not to hand your Developer Access Token to untrusted parties. Who counts as untrusted is your call, but if you take only one thing away from this post, it should be this:
Someone who has your Developer Access Token can delete your entire chatbot from API.AI, and it does not matter if the chatbot is in the middle of an important conversation with a customer. If you are doing commercial transactions through your chatbot, this is a really major concern.
Regenerating the key
You can also regenerate the Client Access Token. When you click Regenerate, a new Client Access Token is created and the old one stops working immediately, so any client that still embeds the old token is cut off until you redeploy it with the new one. According to the documentation, you should do this if "your client access token is compromised"; a token that has shipped inside a public web page (see below) is one you should be prepared to rotate on short notice.
Client Access Token can trigger intents
I don't know whether this is an intentional feature, but the interesting thing is: the Client Access Token has the rights to trigger intents through their Event field.
Is this a potential security concern? I am not sure. Most people leave their Default Welcome Intent as it is, which means the WELCOME event can be triggered by anyone who has your client key, and since the client key is the one you ship inside chat clients, that can be any end user. If the same person also knows how you generate sessionIDs for your chatbot, they could in theory fire events into other users' sessions and cause some havoc.
Don't build a custom web UI for API.AI on a static website
This is probably going a bit too deep into the topic, but for those who are interested, it follows from the previous paragraph. A static website, such as one hosted on GitHub Pages, ships all of its code to the browser, including the client key and the sessionID-generating code. It is not hard for someone to read that code and start messing with other people who are using the chatbot. (This may still not be a major problem, but it is good to be aware of the general concern.) The usual fix is to keep the token on a server you control and have the page talk to that server instead of to API.AI directly.
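As an added example (not code from the original post or from API.AI), here is the shape of that fix: a small server-side handler that a static page calls instead of API.AI. The Client Access Token and the sessionId never reach the browser, the sessionId is minted from a CSPRNG rather than by page code, and the request body sent upstream is built from scratch so a visitor cannot smuggle an `event` field through. The endpoint URL, the `v=20150910` version parameter and the JSON field names are taken from the API.AI v1 documentation as I remember it and are assumptions to check against the docs you use; the token value, cookie store and sample messages are constructed for the example.

```python
import json
import secrets
import urllib.request

# Assumption: API.AI v1 query endpoint and protocol version, as in the v1 docs.
API_URL = "https://api.api.ai/v1/query?v=20150910"
# Placeholder; in a real deployment read it from an environment variable or a secret store.
CLIENT_ACCESS_TOKEN = "replace-with-your-client-access-token"

# cookie value -> sessionId. The sessionId is minted here, from a CSPRNG, so no
# page code reveals how it is made. (In-memory store for the example only.)
_sessions = {}


def new_session():
    """Start a visitor session; returns the opaque cookie value to set in the browser."""
    cookie = secrets.token_urlsafe(32)
    _sessions[cookie] = secrets.token_urlsafe(16)
    return cookie


def session_id_for(cookie):
    return _sessions.get(cookie)


def build_upstream_request(session_id, text, lang="en"):
    """Build the POST to API.AI. The body is assembled from scratch: the
    'event' key is never copied from the browser's payload, so a visitor
    cannot fire WELCOME (or any other event) into a session."""
    body = {"query": text, "lang": lang, "sessionId": session_id}
    headers = {
        "Authorization": "Bearer " + CLIENT_ACCESS_TOKEN,
        "Content-Type": "application/json; charset=utf-8",
    }
    return API_URL, headers, json.dumps(body).encode("utf-8")


def live_send(url, headers, data):
    """Real transport (not exercised offline). TLS verification is left on."""
    req = urllib.request.Request(url, data=data, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status, json.loads(resp.read().decode("utf-8"))


def handle_chat(cookie, client_payload, send=live_send):
    """Handle POST /chat from the static page. Returns (http_status, json_body).
    The browser sends only {"query": "<text>"}; everything else is supplied here."""
    session_id = session_id_for(cookie)
    if session_id is None:
        return 401, {"error": "no session"}
    if not isinstance(client_payload, dict) or "query" not in client_payload:
        return 400, {"error": 'expected {"query": "<text>"}'}
    text = str(client_payload["query"]).strip()[:256]  # cap the size of what we forward
    if not text:
        return 400, {"error": "empty query"}
    url, headers, data = build_upstream_request(session_id, text)
    status, upstream = send(url, headers, data)
    if status != 200:
        return 502, {"error": "upstream error"}
    # Hand back only the reply text; contexts and other metadata stay server-side.
    speech = upstream.get("result", {}).get("fulfillment", {}).get("speech", "")
    return 200, {"speech": speech}
```

Wire `new_session` to whatever sets your session cookie and `handle_chat` to the `/chat` route; the page's JavaScript then only ever sees `{"query": ...}` going out and `{"speech": ...}` coming back. If you still need events (for example WELCOME on page load), fire them from the server when the session is created rather than accepting an event name from the browser.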
Which key to use for which API call?
Now this is an interesting question. One would expect that everything the Client Access Token can do, the Developer Access Token can do as well, and we already know the converse is not true. Is the Developer Access Token, then, simply a superset of the Client Access Token?
The API.AI documentation gives us some hints.
For methods that change the behavior of the entire chatbot, such as intent modification, the documentation says you need the Developer Access Token.
For methods that are "safe" in the sense that they don't change the behavior of the entire chatbot, the documentation simply says "YOUR_ACCESS_TOKEN", which means you can use either the DAT or the CAT. (Safe here only means the agent's configuration is not changed; as we saw above, a query call can still fire events into a session.)
Now comes the interesting question: is there a REST API call that can be made only with the CAT and not with the DAT? The documentation hints at one such call, updating /userEntities, whose example uses the client token (only the headers are quoted here, with a line break added for clarity):
curl -X POST -k -H "Content-Type: application/json" \
     -H "Authorization: Bearer CLIENT_ACCESS_TOKEN"
One caveat on that snippet: the -k flag disables TLS certificate verification, which means a man-in-the-middle could read the bearer token. Drop it in anything other than a throwaway test.
So I set up a little experiment using a test chatbot (if you would like to know how I did it, let me know in the comments below and I will write it up in a separate post).
As it turns out, the mention of CLIENT_ACCESS_TOKEN is only a nudge towards best practice. The Developer Access Token can make the same /userEntities calls.
So, based on the experiments I have run so far, it is fair to treat the DEVELOPER_ACCESS_TOKEN as a proper superset of the CLIENT_ACCESS_TOKEN: anything the CAT can do, the DAT can do too, and the DAT can additionally rewrite the agent. The practical rule that follows is to put only the CAT into anything that runs on a user's device or in a browser, and to keep the DAT in server-side tooling where modifying the agent is actually needed.
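To make that experiment repeatable, here is an added example (my own code, not the post's or API.AI's) that probes each REST call discussed above with both tokens and reports which token the service accepts. Run it, as the post did, against a throwaway test agent, because the "create intent" probe writes to the agent; delete the probe intent afterwards. The base URL, version parameter and request bodies follow the API.AI v1 documentation as I remember it and are assumptions to verify against the docs you use. The token strings are placeholders read from the environment, and the responder used offline is constructed to mirror the post's findings rather than recorded from the live service.

```python
import json
import urllib.error
import urllib.request

# Assumptions: API.AI v1 base URL, protocol version and request shapes, as in the v1 docs.
BASE = "https://api.api.ai/v1"
VERSION = "20150910"
SESSION = "token-probe-session"  # constructed sessionId used only by the probe

# (name, HTTP method, path, JSON body) for the calls discussed in the post.
# The intent and userEntities bodies are minimal examples, not copied from the docs.
CALLS = [
    ("query: text",   "POST", "/query",
     {"query": "hello", "lang": "en", "sessionId": SESSION}),
    ("query: event",  "POST", "/query",
     {"event": {"name": "WELCOME"}, "lang": "en", "sessionId": SESSION}),
    ("create intent", "POST", "/intents",
     {"name": "token-probe-intent", "responses": [{"speech": "probe"}]}),
    ("user entities", "POST", "/userEntities",
     {"sessionId": SESSION, "entities": [{"name": "probe-entity",
                                          "entries": [{"value": "a", "synonyms": ["a"]}]}]}),
]


def classify(status):
    """401/403 means the token was rejected; 2xx means it was accepted.
    Anything else (400 validation error, 404, 5xx) is reported, not guessed."""
    if status in (401, 403):
        return "denied"
    if 200 <= status < 300:
        return "allowed"
    return f"unclear ({status})"


def probe(method, path, body, token, send):
    url = f"{BASE}{path}?v={VERSION}"
    headers = {"Authorization": "Bearer " + token,
               "Content-Type": "application/json; charset=utf-8"}
    data = None if body is None else json.dumps(body).encode("utf-8")
    return classify(send(method, url, headers, data))


def live_send(method, url, headers, data):
    """Real transport: returns the HTTP status code (TLS verification stays on)."""
    req = urllib.request.Request(url, data=data, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def run_matrix(tokens, send=live_send):
    """tokens = {"CAT": "<client token>", "DAT": "<developer token>"}.
    Returns {call name: {token label: verdict}}."""
    return {name: {label: probe(method, path, body, tok, send) for label, tok in tokens.items()}
            for name, method, path, body in CALLS}


def is_superset(matrix, big="DAT", small="CAT"):
    """True when every call the small token is allowed, the big token is allowed too."""
    return all(row[big] == "allowed" for row in matrix.values() if row[small] == "allowed")


def format_matrix(matrix):
    labels = list(next(iter(matrix.values())))
    lines = [f"{'call':<16}" + "".join(f"{label:<16}" for label in labels)]
    for name, row in matrix.items():
        lines.append(f"{name:<16}" + "".join(f"{row[label]:<16}" for label in labels))
    return "\n".join(lines)


if __name__ == "__main__":
    import os
    real = {"CAT": os.environ["API_AI_CLIENT_TOKEN"], "DAT": os.environ["API_AI_DEV_TOKEN"]}
    m = run_matrix(real)
    print(format_matrix(m))
    print("DAT is a superset of CAT:", is_superset(m))
```

The verdicts deliberately distinguish "denied" (the token itself was refused) from "unclear" (the token may have been accepted but the request failed for another reason, such as a malformed body), so a typo in a probe body does not get misread as a permission boundary. Adding a row to `CALLS` is all it takes to extend the matrix to other endpoints.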