Principle:FlowiseAI Flowise Public Chatbot Sharing
| Attribute | Value |
|---|---|
| Page Name | Public_Chatbot_Sharing |
| Workflow | Chatbot_Deployment |
| Repository | FlowiseAI/Flowise |
| Domain | Deployment, Sharing, Public Access |
| Source | packages/ui/src/api/chatflows.js:L9-L13, packages/ui/src/views/chatflows/ShareChatbot.jsx, packages/ui/src/views/chatbot/index.jsx |
| Last Updated | 2026-02-12 14:00 GMT |
Overview
Technique for making a chatflow accessible as a public chatbot via a shareable URL without authentication.
Description
Public sharing toggles a chatflow's isPublic flag, generating a public URL at {baseURL}/chatbot/{chatflowId}. The public page uses getSpecificChatflowFromPublicEndpoint (which requires no authentication) to load the chatflow configuration and renders the flowise-embed-react BubbleChat widget.
This is the simplest deployment method in Flowise, suitable for demos, proofs of concept, and public-facing bots where authentication is not required.
The sharing mechanism involves two distinct operations:
- Toggle Public Access: The
isPublicboolean flag on the chatflow record is updated via theupdateChatflowAPI. When set totrue, the chatflow becomes accessible through the public endpoint.
- Public Endpoint Access: A separate API route (
/api/v1/public-chatflows/{id}) serves chatflow configuration without requiring authentication. This endpoint is distinct from the standard/api/v1/chatflows/{id}endpoint which requires a valid session.
The public chatbot page at /chatbot/{chatflowId} is rendered by the chatbot/index.jsx component (118 lines), which loads the chatflow configuration from the public endpoint and initializes the embedded chat widget.
The ShareChatbot.jsx component (594 lines) provides the complete UI for managing public sharing, including:
- A toggle switch to enable/disable public access
- The public URL display with copy-to-clipboard functionality
- A link to open the chatbot in a new browser tab
- Chatbot appearance customization settings
Usage
Use this principle when sharing a chatflow as a public chatbot accessible without login. This is the recommended approach when:
- Creating a demo or proof-of-concept chatbot
- Building a public-facing customer support bot
- Sharing a chatbot with stakeholders who do not have Flowise accounts
- Providing a direct link to a chatbot for testing
When Not to Use
- When the chatflow processes sensitive data requiring authentication (use API Key Management instead)
- When you need to restrict access to specific domains (configure Chatflow Security Configuration first)
Theoretical Basis
This technique implements the public endpoint pattern. A separate API route serves chatflow configuration without authentication checks. The chatflow ID serves as the public identifier, functioning as an unguessable token (UUIDs are used) that provides a minimal level of access control through obscurity.
The toggle is a simple boolean flag on the chatflow record, which provides a clear and immediate mechanism for enabling or revoking public access. This binary approach avoids complex permission models for the public sharing use case.
The architectural separation between the authenticated endpoint (/chatflows/{id}) and the public endpoint (/public-chatflows/{id}) ensures that the public route can have different rate limiting, logging, and response shaping behavior without affecting the authenticated management API.
The public chatbot page is a self-contained React component that depends only on the public endpoint and the flowise-embed-react widget library, creating a clean separation between the management UI and the public-facing chatbot experience.