Introduction
Onboarding
What is CloudBees Feature Management?
Use cases
Introduction
Installing client-side SDKs
IntroductionAndroid SDKAndroidTV, FireTV SDKAppleTV SDKC/C++ Client SDKChromecast, Tizen SDKiOS SDKJavaScript SDKJavaScript SSR SDK.NET Client (C#) SDKReact Native SDKTypeScript SDK
Installing server-side SDKs
IntroductionC/C++ SDKGo SDKJava SDKJavaScript SSR SDK.Net (C#) SDKNode.js SDKPHP SDKPython SDKRuby SDKTypeScript SDK
About feature flags
Organizations and apps
Environments
Creating a feature flag
IntroductionCreating a boolean flagCreating a string flagCreating a number flagCreating a flag via Dynamic APISetting flag default values
Feature flag settings
Deleting a feature flag
Embedded feature flags
Multiplatform feature flags
Flag freeze levels
Flag update flow
Configuration values
Requesting approval for flag configurations
Toggling flags on and off
Audiences
Custom properties
Percentage rollouts
Scheduling a feature release
Target groups
Flag dependencies
Flag context
Managing features
Introduction
Activating CasC with GitHub
Verbose logging
Local testing
Microservices testing
User space error handler
Flag impressions
Impression handler
Fetched handler
Integrating with Jira
Integrating with Jenkins
Integrating with Slack
Integrating with Microsoft Teams
Configuring webhooks
Managing user accounts
Managing organization permissions
Managing app permissions
Managing subscriptions
Audit log
SOC 2 compliance
SAML single sign-on
Multifactor authentication
Allow/Disallow domains
Secret mode
A proxy for CloudBees Feature Management
Support policies
Supported platforms
Terms and services
Open Source Software Attributes

Enabling secret mode

2 minute readSecurity
You must be an administrator to enable secret mode.

By design, you can create feature flags directly from the SDK from within the CloudBees Feature Management UI just by creating and using the flag. If your source code is public, however, we recommend enabling secret mode to protect against flags being created or modified by unauthorized parties.

To enable secret mode, submit a request to enable it and add the secret to your internal code.

When secret mode is enabled, you can create flags as you typically would from the CloudBees Feature Management UI.

When enabled, flags will only be created when the devModeSecret is included in the SDK initialization with <the secret key> added to the code. When the code is run with the secret, flags are created within CloudBees Feature Management for all environments.

Do not include the secret in any publicly released code.

The published code continues to use and evaluate the flags without the secret key, preventing unauthorized users from creating new flags.

Requesting secret mode enablement

You must first submit your request to enable secret mode. Once enabled, <the secret key> must then be defined in the application’s Rox SDK setup code.

To submit your request:

  1. Contact CloudBees Support.

  2. Alternatively, you can submit your request from within CloudBees Feature Management as follows:

    1. Select Need our help? from the bottom left corner of any screen.

    2. Enter your Email address.

    3. In How can we help you?, enter your request to enable devModeSecret.

    4. Select Send.

    Once the secret is enabled, it is visible as devModeSecret in the Installation instructions.

Verifying secret mode enablement

After submitting your request, you can verify that secret mode has been enabled.

To verify secret mode has been enabled:

  1. From within CloudBees Feature Management, select Installation instructions from the left of your screen.

  2. In Add the following lines of code to your application, verify <the secret key> is added to devModeSecret as defined in Setting up secret mode.

Secret mode is now ready to be set up.

Setting up secret mode

The following shows the devModeSecret code that is added to the Installation instructions.

Javascript
iOS/Swift
Java
C#
Python
Go
Ruby
PHP
C
C++
 // For development builds only, add this line on app startup
const options = {
    devModeSecret: "<the secret key>"
}
setenv("ROX_DEV_MODE_SECRET", "<the secret key>", 1)
System.setProperty("ROX_DEV_MODE_SECRET", "<the secret key>");
var options = new RoxOptions(new RoxOptions.RoxOptionsBuilder
         {
          DevModeKey = "<the secret key>"
        });
options = RoxOptions(
    dev_mode_key='<the secret key>'
);
 options := server.NewRoxOptions(server.RoxOptionsBuilder {
                DevModeKey: "<the secret key>"
        })
options = Rox::Server::RoxOptions.new(dev_mode_key: '<the secret key>')
$roxOptionsBuilder = (new RoxOptionsBuilder())->setDevModeKey("<the secret key>")
RoxOptions *options = rox_options_create();
rox_options_set_dev_mode_key(options, DEFAULT_DEV_MODE_KEY);
rox_setup(DEFAULT_API_KEY, options);
Rox::Options *options = Rox::OptionsBuilder()
  .SetDevModeKey(DEFAULT_DEV_MODE_KEY)
  .Build();

Rox::Setup(DEFAULT_API_KEY, options);RoxOptions *options = rox_options_create();
 14     rox_options_set_dev_mode_key(options, DEFAULT_DEV_MODE_KEY);
 15     rox_setup(DEFAULT_API_KEY, options);
Allow/Disallow domains
A proxy for CloudBees Feature Management