Secure Deployment of Relay Server

Question

Secure Deployment of Relay Server

Closed this issue 10 months ago · 2 comments

Currently, if I deploy my relay server, it would be publicly available to anyone with the URL. How can I securely deploy it instead of running it locally? Thanks in advance!

Answer 1 · 2024-12-19T16:34:12.000Z

I have my relay running on a subdomain of my app.
In my app I set a domain-wide encrypted cookie that includes a session token, the relay reads that cookie, decrypts the token, then validates it with my backend server.

Answer 2 · 2025-01-18T08:34:43.000Z

Instead of using a relay server, why not use the OpenAI ephemeral client token?