Hi GrowthBook guys, I'm trying to structure a preliminar implementation here for our SPA, but I'm a little confused about building feature flags based on unauthenticated versus logged in users. 1. How to deal with unauthenticated users, for example, if we want to have feature flags or A/B tests on pages of our sign up process, before authentication takes place? I mean, considering that a unique id is needed to ensure A/B to work properly. 2. And how do users can be bound to previously unauthenticated data as soon as the authentication happens, ensuring the same "person" is tracked properly between unauthenticated and logged in tests?

It's common to have two user ids. An anonymous_id stored in a cookie or localStorage a user_id from your auth system. Every visitor would have an anonymous_id attribute, but only logged-in users would have a user_id attribute. When creating an experiment rule for a feature, you specify which attribute you want to use to split traffic. So if the experiment is before the auth flow, you would choose

anonymous_id

, otherwise

user_id

.

for the anon/device ID, it can work quite well to set as a domain-wide cookie too, so e.g. www.example.com, example.com and app.example.com would have the same ID