
More Than a Toggle: Using Feature Flags for User Gating in the API

Madison Maher

10/16/2023

Feature Flags are More Than Just a Toggle

As leaders in the feature flag management space, the most common question we get about feature flags is: “What can they do besides turn my features on and off?”

So, we created the More Than a Toggle Blog Series – a series of articles dedicated to unique feature flagging use cases to show how feature flags are more than merely an on/off toggle for your releases.

Today, we’re exploring user gating for a feature with multiple variations in the API. In other words, how to use feature flags to block some users from seeing certain variations of certain features, while giving others access. 

Here are a couple of common scenarios when you might use feature flags for user gating:

“Newbie Users” vs “Power Users” 

To keep onboarding simple, you may want to show different types of users different features based on their familiarity with your platform.

Freemium Users vs Paid Users  

In most cases, paid users have access to more features than free users. You might use feature flags to gate your more advanced features and reserve them for your paid users.

How TechWave Used Feature Flags for User Gating

Today, we’ll look at how the engineering team at TechWave, a fictional SaaS company, uses feature flags to gate features for different user segments in their API. TechWave is releasing an Advanced Integration feature as part of the release of their new data analytics dashboard, InsightX.

While all of their users have access to InsightX, TechWave leverages feature flags to ensure that the Advanced Integration capabilities are rolled out selectively to power users, so as to not overwhelm their new users, and provide a more seamless onboarding experience for them. 

This needs to be done in the API as well as the front end so that your API enforces the same business rules and does not rely upon the front end for security. While there are many different ways to do gating security within an API, using feature flags and DevCycle gives you the security and an easy-to-use UI, so that a product manager can change which variations each user group gets and can add a specific variation for a customer to try out.

Feature Flags for User Gating in the Release of Advanced Integration

TechWave employed a feature flag named "adv-user-gating" to govern access to their Advanced Integration feature for only their power users. To do so, they had to determine the right criteria for granting access. In other words, what makes a power user, a power user? 

They decided that access to this feature would be based on users' engagement levels with the platform. To achieve this, they analyzed user behaviour and set a threshold based on parameters such as the number of reports generated and the frequency of use.

By passing the number of reports generated into DevCycle as custom data, the feature flag can be evaluated and controlled by this data without the DevCycle UI needing direct access to the data.

This approach ensured that only users who had demonstrated a certain level of engagement with the platform gained access to Advanced Integration. It provided a seamless experience for new users while rewarding more experienced users with advanced capabilities.

Important to note in this use case is that feature flags can be used on the server side as well as in the front end. TechWave had to protect their APIs as well as their front end since they could not guarantee that a user would use only their front end to access the feature.

Thus, the users’ context (in this case, engagement criteria) needed to be passed from the front end to the back end so that the same user can be evaluated against the flags. They could then return different data from APIs given the value of the feature flag that the user has.

Using a NextJS application, their team created a new endpoint, power users. Both the front end and the API evaluate the feature flag for the user to decide whether to grant them access to the feature. If a user tries to access the API without this feature flag enabled, they are returned a 401 unauthorized error message.
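The server-side check described above, as an added sketch that is not TechWave's or DevCycle's own code. The flag client is a hypothetical stand-in with an assumed `variableValue(user, key, defaultValue)` method, and the session tokens, report counts and threshold are constructed. The handler reads the report count from server-side records instead of accepting it from the request, since a client-supplied value could be altered.

```javascript
// Added example: server-side gate for the "power users" endpoint.
const FLAG_KEY = "adv-user-gating"; // flag name from the article

// Constructed sample data: server-side records the client cannot edit.
const sessions = new Map([["tok-alice", "alice"], ["tok-bob", "bob"]]);
const reportCounts = new Map([["alice", 40], ["bob", 3]]);

// Hypothetical stand-in for a flag SDK client. The threshold of 25 is
// constructed; in a real deployment the targeting rule lives in the flag service.
const stubFlags = {
  variableValue(user, key, defaultValue) {
    if (key !== FLAG_KEY) return defaultValue;
    return user.customData.reportsGenerated >= 25;
  },
};

function makePowerUsersHandler(flags) {
  return function handler(req, res) {
    // 1. Identity comes from the session, never from a user id in the body.
    const auth = (req.headers && req.headers.authorization) || "";
    const userId = sessions.get(auth.replace(/^Bearer /, ""));
    if (!userId) return res.status(401).json({ error: "unauthorized" });

    // 2. Custom data is looked up server-side; req.body.reportsGenerated is ignored.
    const user = {
      user_id: userId,
      customData: { reportsGenerated: reportCounts.get(userId) || 0 },
    };

    // 3. A default of false means an unknown flag or SDK failure denies access.
    let enabled = false;
    try {
      enabled = flags.variableValue(user, FLAG_KEY, false) === true;
    } catch (err) {
      enabled = false;
    }
    // The article returns 401 here; 403 is the usual status for a signed-in user lacking access.
    if (!enabled) return res.status(401).json({ error: "unauthorized" });
    return res.status(200).json({ feature: "advanced-integration", user: userId });
  };
}

// Minimal response double so the handler can be exercised without Next.js.
function callHandler(handler, req) {
  const out = {};
  const res = { status(c) { out.status = c; return this; }, json(b) { out.body = b; return out; } };
  return handler(req, res);
}
```

In a Next.js project the function returned by `makePowerUsersHandler` would be the default export of the API route file, with the real flag client passed in place of `stubFlags`.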

Progressive Feature Activation with User Gating 

The narrative above is a prime example of how to use feature flags for user gating. But TechWave took user gating one step further in a really cool way, so we want to show how. ⬇️

They not only gated their Advanced Integration feature, but they also took a progressive feature activation strategy for this feature. Initially, only users who met the engagement criteria gained access to a limited version of their Advanced Integration feature. But as users continued to engage with the platform and meet additional criteria, they gradually unlocked more advanced capabilities within the feature.

This progressive activation approach results in a win-win scenario for TechWave and their users. On one hand, it encourages users to engage more deeply with the platform, thus leading to higher customer retention rates and more active users. On the other hand, it ensures that users are introduced to the complexities of the feature at a pace that matches their evolving needs, so as to not overwhelm them.

Conclusion

User gating is one of many feature flagging use cases that go far beyond toggling your features on and off. As you can see, feature flags open a wide array of possibilities for your team to achieve development goals you’d otherwise not be able to reach. Whether your goal is to increase deployment frequency, improve your UI, create more personalized user experiences, and so forth, there’s a feature flag for that. Check out more feature flagging use cases here, or see what they can help your own engineering team do today.
