Feature Flags

Manage rollout of new features for specific users and organizations with Feature Flags.

What you’ll build

In this guide, you’ll create and configure feature flags to control feature rollout for specific users and organizations. By the end, you’ll have a feature flag integrated into your application’s access token.

Feature flags separate feature delivery from code deployment, letting you control rollouts in real time. WorkOS Feature Flags integrates with your existing authentication flow – create flags in the dashboard and access them through the user’s access token. Common use cases include targeted rollouts, beta programs, and premium feature gating.

Use cases

Targeted rollouts: Enable features for specific organizations before a general release
Beta programs: Allow early access to new features for select customers
Premium features: Restrict advanced functionality to organizations on higher-tier plans

Before getting started

Make sure you have:

A WorkOS account
An existing organization in your WorkOS Dashboard

WorkOS Dashboard UI showing organization creation

1. Create a feature flag from the WorkOS dashboard

Sign in to your WorkOS dashboard and navigate to the Feature Flags page.
Click the Create feature flag button and enter a name, slug, and description.

A screenshot showing the WorkOS dashboard feature flags page.

Feature flags are created across all environments, so you can test in a sandbox environment before enabling in production.

2. Set the users and organizations that should have access

Click Edit on the rule for the environment you want to modify. Select your desired rule setting between None, Some, and All. Selecting Some allows you to target specific users and organizations.

To edit a feature flag’s rules in other environments, click the Edit in X button to switch your active dashboard environment and update rules there.

A screenshot showing the configuration of a feature flag organization rule.

A screenshot showing the configuration of a feature flag user rule.

3. Enable the feature flag

Toggle the flag on to start including it in a user’s access token when they authenticate for a configured organization or when the user is individually targeted.

A screenshot showing the enabling of a feature flag.

4. Use the feature flags in your application

Read the feature_flags claim from the access token to gate access to features in your application.

Feature flags appear in the access token the next time the user logs in or the session is refreshed. Manually refresh the session after granting organization access in the dashboard if needed.

JavaScript

 app.get('/api/feature-flags', async (req, res) => {
  // load the original session
  const session = workos.userManagement.loadSealedSession({
    cookiePassword: process.env.WORKOS_COOKIE_PASSWORD,
    sessionData: req.cookies['wos-session'],
  });

  const { sealedSession, featureFlags } = await session.refresh();

  // set the updated refresh session data in a cookie
  res.cookie('wos-session', sealedSession, {
    httpOnly: true,
    sameSite: 'lax',
    secure: true,
  });

  // return the feature flags to the client
  res.json({
    featureFlags,
  });
});

Slack NotificationsGet notifications about feature flag changes in your Slack workspace

Up next