FeatureGate

Evaluation

Evaluate flags with public /v1 routes, server runtime keys, and browser client keys.

Evaluation routes are public API routes for customer applications. Snapshot routes require FeatureGate-issued server runtime keys. POST /v1/evaluate accepts either a server runtime key or a publishable browser client key.

Use this page for integration guidance and exact generated request and response details. The standalone reference pages are still available for deep links: POST /v1/evaluate, GET /v1/snapshot, and GET /v1/snapshot/stream.

Authentication

Send the key as a bearer token. Server runtime keys are scoped to a single environment and carry only the runtime scopes you grant them: runtime:snapshot and/or runtime:evaluate.

Browser client keys can use only client:evaluate. They must be called from an allowed Origin and can evaluate only flags explicitly exposed to clients in that environment.

Use server runtime keys for backend applications and the server TypeScript SDK. Use publishable client keys only from browser code. Client keys are not accepted by /v1/snapshot or /v1/snapshot/stream, and they never expose targeting rules or full environment snapshots.

Evaluate

POST /v1/evaluate resolves one or more flags for a given context in a single round trip. Use it from servers when you do not want to hold a local snapshot, or through the browser and React SDKs when you need client-side checks for exposed flags.

terminal
sh
curl https://api.featuregate.dev/v1/evaluate \
-H "Authorization: Bearer fg_sk_test_0123456789abcdef0123456789abcdef0123456789abcdef" \
-H "Content-Type: application/json" \
-d '{
  "evaluations": [
    { "key": "new-checkout", "defaultValue": false }
  ],
  "context": {
    "user": { "id": "user_123" },
    "account": { "plan": "pro" }
  }
}'
POSThttps://api.featuregate.dev/v1/evaluate
Authenticate with either a server runtime key or a publishable browser client key in the Authorization header.runtime:evaluateclient:evaluate

Body parameters

flagsstring[]optional

Simple flag-key batch. Send either flags or evaluations, not both.

Items: 1-100

evaluationsobject[]optional

Flag-key batch with per-flag fallbacks. Send either evaluations or flags, not both.

Items: 1-100

keystringrequired

Flag key to evaluate.

Length: 1-128

defaultValueboolean | string | number | objectoptional

Typed fallback returned when the flag is missing or archived.

contextobjectoptional

Targeting context. FeatureGate never stores raw context from evaluation requests.

Request
sh
curl -X POST https://api.featuregate.dev/v1/evaluate \
  -H "Authorization: Bearer fg_sk_test_0123456789abcdef0123456789abcdef0123456789abcdef" \
  -H "Content-Type: application/json" \
  -d '{
  "evaluations": [
    {
      "key": "new-checkout",
      "defaultValue": false
    }
  ],
  "context": {
    "user": {
      "id": "user_123"
    },
    "account": {
      "plan": "pro"
    }
  }
}'

Returns

evaluationobjectrequired
projectIdstringrequired

Project bound to the runtime key.

Length: 1+

environmentobjectrequired

Environment bound to the runtime key.

resultsobject[]required
Example response · 200
json
{
  "evaluation": {
    "projectId": "project_example",
    "environment": {
      "id": "env_example",
      "key": "production",
      "name": "Production"
    },
    "results": [
      {
        "key": "new-checkout",
        "type": "boolean",
        "value": true,
        "reason": "targeting_match"
      }
    ]
  }
}

Responses

200Typed evaluation results for the requested flags.
400Validation failed.
401Authentication failed.
403The key is not allowed to access this resource.
429Rate limit exceeded.
500Unexpected server error.

When called with a browser client key, the request must include an Origin that exactly matches the key's allowed-origin list. Unexposed flags behave like missing flags and return the caller-provided default.

Snapshot and ETags

Use GET /v1/snapshot for local evaluation. Snapshot responses include an ETag and support If-None-Match, so unchanged snapshots collapse to a cheap 304.

/v1/snapshot/stream is an optional invalidation channel, not the source of truth. The SDK still reconciles against the snapshot endpoint.

GEThttps://api.featuregate.dev/v1/snapshot
Authenticate with a server runtime key in the Authorization header.runtime:snapshot

This endpoint takes no parameters.

Request
sh
curl -X GET https://api.featuregate.dev/v1/snapshot \
  -H "Authorization: Bearer fg_sk_test_0123456789abcdef0123456789abcdef0123456789abcdef"

Returns

snapshotobjectrequired
versionstringrequired

Opaque snapshot version used to build ETags.

Length: 1+

projectIdstringrequired

Project bound to the runtime key.

Length: 1+

environmentobjectrequired

Environment bound to the runtime key.

flagsobject[]required
Example response · 200
json
{
  "snapshot": {
    "version": "snapshot_version_example",
    "projectId": "project_example",
    "environment": {
      "id": "env_example",
      "key": "production",
      "name": "Production"
    },
    "flags": []
  }
}

Responses

200A cacheable runtime snapshot for local SDK evaluation.
304The caller's cached snapshot is still current.
400Validation failed.
401Authentication failed.
403The key is not allowed to access this resource.
429Rate limit exceeded.
500Unexpected server error.
GEThttps://api.featuregate.dev/v1/snapshot/stream
Authenticate with a server runtime key in the Authorization header.runtime:snapshot

This endpoint takes no parameters.

Request
sh
curl -X GET https://api.featuregate.dev/v1/snapshot/stream \
  -H "Authorization: Bearer fg_sk_test_0123456789abcdef0123456789abcdef0123456789abcdef"

Returns

environmentobjectrequired
idstringrequired

Stable environment identifier, prefixed with env_.

Length: 1+

keystringrequired

URL-safe environment key such as production or staging.

Length: 1+

namestringrequired

Human-readable environment name.

Length: 1+

generatedAtstringrequired

Event generation timestamp.

projectIdstringrequired

Project whose snapshot changed.

Length: 1+

versionstringrequired

Snapshot version after the change.

Length: 1+

Example response · 200
json
{
  "projectId": "project_example",
  "version": "snapshot_version_example",
  "generatedAt": "2026-06-18T00:00:00.000Z",
  "environment": {
    "id": "env_example",
    "key": "production",
    "name": "Production"
  }
}

Responses

200Server-Sent Events carrying snapshot readiness, invalidation, heartbeat, and close events.
400Validation failed.
401Authentication failed.
403The key is not allowed to access this resource.
429Rate limit exceeded.
500Unexpected server error.