Skip to Content
Authgate 1.7.0 is released 🎉
FeaturesServer-Sided Variables

Server-Sided Variables

Variables are key-value pairs stored on the server that your application can retrieve. They’re useful for protecting sensitive values and managing application settings remotely.

Why Use Variables?

Instead of hardcoding values in your application (where they can be reverse-engineered), store them on the server:

  • Keep third-party API keys secure
  • Turn features on/off or change configuration without updating your app
  • Store anything you don’t want to be visible in your compiled code

Public vs Private Variables

Private Variables

  • Only accessible to authenticated users
  • Require a valid session token to retrieve
  • Best for sensitive data

Public Variables

  • Only work with anonymous access enabled (see Anonymous Access)
  • Accessible to anyone with your API key and secret
  • No user authentication required
  • Use for general configuration or public stuff (e.g. current version number)

Accessing Variables

Your application retrieves variables through the API. See SDK documentation for examples.

Use Cases

Example: Third-Party API Key Protection

Instead of hardcoding:

string api_key = "sk_live_abc123"; // Visible in reverse engineering

Store it as a private variable and retrieve it at runtime.

Example: Feature Flags

Create a variable enable_beta_feature with value true or false. Check it in your app to enable/disable features remotely.

Example: Remote Configuration

Store server URLs, timeout values, or other settings as variables. Update them without releasing a new version of your app.

Last updated on
LicensesFiles