https://www.growthbook.io/ logo
#ask-questions
Title
# ask-questions
n

numerous-glass-72216

04/01/2024, 4:18 PM
hey there, i'm curious, is it possible to somehow hide the feature flag names in the api response when it is being loaded into a browser/mobile client?
f

fresh-football-47124

04/02/2024, 1:47 AM
you can turn on ciphered feature flags when setting up the SDK endpoint
n

numerous-glass-72216

04/02/2024, 2:00 AM
i did turn it on
but it doesn't seem ciphered at all
i can see the feature names still
h

happy-autumn-40938

04/02/2024, 3:39 AM
Are you using SDK encryption, one of the toggles in the Ciphered setting?
n

numerous-glass-72216

04/02/2024, 4:26 AM
no i'm in the free plan still
is that just a paid plan feature?
i selected Ciphered, but didn't hit the toggles
h

happy-autumn-40938

04/02/2024, 4:27 AM
That is correct, encryption is a Pro or Enterprise feature.
n

numerous-glass-72216

04/02/2024, 4:27 AM
so how does it work? the api would return features without the actual names?
but the code would still reference it the same?
h

happy-autumn-40938

04/02/2024, 4:29 AM
Yes, the code would still reference it the same way. In a client-side context (like the browser), think of it as very strong obfuscation. The app encodes the entire payload and the SDK decodes it to memory. It keeps most prying eyes off your feature names, but of course can be intercepted with enough effort.
of course if your feature names are exposed in public code, then they can also see what might exist
for 100% secure/hidden, you'd want to use "Remote Evaluated" (Pro, Enterprise) for your frontend SDKs, or use feature flags / experiments on your backend only.
n

numerous-glass-72216

04/02/2024, 4:36 AM
awesome okay thanks for the information!!
it was just weird that i could select Ciphered, even though i couldn't select the sub-toggles haha
so i THOUGHT i had ciphered on
h

happy-autumn-40938

04/02/2024, 4:38 AM
I can see how that is a bit misleading. The only free variant of "ciphered" is scrubbing your experiments' names and variation names. It's not very ciphered...
n

numerous-glass-72216

04/02/2024, 4:40 AM
haha exactly
2 Views