How to implement a nonce to use in Ajax function calls?

I don’t see a way in Yii to limit who can access ajax functions such was with an encrypted code such as a nonce that the calling function sends to the receiving function to ensure a valid ajax request.

There is _csrf protection for that, see this issue How can I validate "_csrf" in Ajax Request.? · Issue #8016 · yiisoft/yii2 · GitHub

Ok, thank you.