Allow Widget without allowing whole Piwik

I would like to publish some widgets on a front of my site for viewing by any visitors. For example, visitor map.
But I don’t want anyone except me to have access to whole Piwik’s statistic, so anonymous’s right to view is disabled at my piwik.
But if anonymous is disabled, site visitors do not see any widgets.
Is there some workaround to view widget by any site’s visitors without ability to access by them piwik’s dashboard?

I read a few about «Authenticate to the API via token_auth parameter»
I created new user, granted access to view (not to admin) to this user.

Question: is it safe to use token parameter (&token_auth=MY_TOKEN) of this user in widgets that are published in frontend of a site?
Can anyone use this token to access in piwik’s dashboard?

I’m just confused by the note in API Reference: “This parameter is as secret as your login and password!”

I’m disappointed. I tried to use «token_auth» parameter to show VISITOR_MAP widget safely to all visitors of my site.
But unauthorized user can easily steal token from HTML code and create his own widget, for example FULL_VISITOR_LOG locally on his computer and see all my statistics!
It would be great that Matt and other developers take a look to EXTENDED RIGHT MANAGEMENT in future releases. For example, separate right for separate widgets.

Thanks for the suggestion! Please see this feature request: Widgetize: giving access to everybody to view a specific widget (token_auth on a per widget basis) · Issue #5703 · matomo-org/matomo · GitHub
and if you can, please post a comment on the ticket