Hi All, it's available to add an token/headers aut...
# sdk-flutter
Hi All, it's available to add an token/headers authorization when we request flag to dashboard via API? Because if someone know our API key, and they try to request or DDOS attack to
will impact to our server. Any suggestion for this issue?
Maybe any whitelist domain or package name for mobile implementation
Sorry for mentions @gifted-cat-24658 or @fresh-football-47124 maybe any insight 🙏
Additional question, I see in the internal network request, your SDK just get and return the json value without any parameters. So, everyone that use Growthbook will get same json value? Or possible to get different json value? If everyone get same json value then SDK will do logic comparison or condition to get expected value
yes, SDKs are evaluated client side - we have remote evaluation on the way
it would be possible to add header authorization, you can open a github issue or submit the PR yourself
Of course, I have submit an issue
@fresh-football-47124 So, we can assume get same json value every request/fetch to the API?
yes, unless the flags have updated
we designed it to be highlight cachable
If we cache the response for all user it's safe?
yes, we have caching built into most SDKs, I think Flutter included, but not 100%
but you can add simple caching yourself
we use SSE to enable realtime updates for some SDKs, again, not sure if flutter is included
but if not, you can use webhooks to expire the cache, or use a reasonable TTL
Ok @fresh-football-47124 thanks for the information, we will try the solution.