How safe and idiomatic would be to use channels for unauthenticated users instead of ajax

A little context and use case: I have this phoenix app that allows authenticated users to search in database, to retrieve public data. The unauthenticated users use ajax calls and routes to trigger controller and send back a json response to have the same result.

Is it ok to connect somehow unauthenticated users to the private channel maybe as guests or something so that I can ditch ajax calls? How do you solved this in your app?

I create my socket connection like this:

  socket = new Socket('/socket', {params: {guardian_token: app.guardian_token}})

If it is possible, what should I be careful about?