Custom Proxy for Statsig API
Overview
Instead of sending API requests directly to Statsig, you can set up your own environment that proxies requests from your custom domain name to Statsig. This makes it less likely for tracking blockers to intercept your APIs, and allows you to capture more data.
There are many ways to set up custom proxies. We are showing instructions for a few common service providers here.
Regardless of implementation, we strongly advise your proxy simply does passthrough and does not try to deserialize the payload. This will improve robustness by reducing risk of integration issues from Server SDk -> Proxy -> Client SDK, as well as, improve efficiency of the proxy.
If you just want statsig to manage your proxy, you can use our Managed API Proxy
Approaches
AWS CloudFront
Prerequisites
- Write access to your DNS settings.
- Write access on your AWS CloudFront and Lambda console.
- Access to a SSL certificate for your custom domain.
Setup
On your AWS CloudFront console,
-
Click on Create distribution.
-
In the Origin section,
- Set the Origin Domain to
api.statsig.com
. - Set the Protocol to
HTTPS only
.
- Set the Origin Domain to
-
In the Default cache behavior section,
- Set Viewer protocol policy to
Redirect HTTP to HTTPS
. - Set Allowed HTTP methods to
GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
. - In the Cache Key and origin requests subsection, allow all headers and parameters to be forwarded to the Origin, and allow CORS requests for the Origin.
- Set Viewer protocol policy to
-
In Function associations section,
- Add a Lambda@Edge function to Origin request to rewrite the
Host
header toapi.statsig.com
. Please refer to the AWS tutorial on creating a Lambda@Edge function.
- Add a Lambda@Edge function to Origin request to rewrite the
You can use the following javascript code snippet in your Lambda@Edge function:
export const handler = async (event, context, callback) => {
const request = event.Records[0].cf.request;
request.headers.host[0].value = "api.statsig.com";
return callback(null, request);
};
-
In Settings,
- Add an Alternate domain name (CNAME) to be your preferred domain name to use for the custom proxy, e.g.
statsig.example.com
. - Add a Custom SSL certificate. You will need to follow the AWS guide for Alternate domain name to add a SSL certificate.
- Click on Create distribution.
- Add an Alternate domain name (CNAME) to be your preferred domain name to use for the custom proxy, e.g.
- You will get a Distribution domain name (e.g.
d111111abcdef8.cloudfront.net
) once it is provisioned.
In your DNS settings (depending on your DNS provider),
-
Add a CNAME record in your custom DNS record:
- Host name:
statsig.example.com
- Type:
CNAME
- Data:
d111111abcdef8.cloudfront.net
(The Distribution domain name from AWS)
- Host name:
-
Your proxy should now be setup. See Using Your Proxy for instructions on how to configure your Statsig SDK.
Cloudflare Worker
Prerequisites
You will need a Cloudflare account. Visit https://www.cloudflare.com to set one up.
Setup
Once you are logged into Cloudflare. You can follow these steps:
-
Navigate to "Workers & Pages > Overview" in the left rail to create a new worker.
Note: You may see a different experience if you already have workers on your account.
-
Name you new worker whatever you would like and then click "Deploy".
-
Once deployed, click "Edit Code".
-
Copy and paste the following snippet into the
worker.js
file, then hit "Deploy".export default {
async fetch(request, _env, _ctx) {
const url = new URL(request.url);
const original = new Request(request);
original.headers.delete("cookie");
return fetch(
`https://statsigapi.net${url.pathname}${url.search}`,
original
);
},
}; -
Your worker should now be deployed and ready to use. See Using Your Proxy for instructions on how to configure your Statsig SDK.
Using Your Proxy
Once you have a proxy setup, you will need to take its URL and apply it to the SDK. To do this, you can use StatsigOptions.api
. You can visit Statsig Options to read about the Javascript specific StatsigOptions, but all SDKs have the ability to override the api via StatsigOptions.api
.
The following is pseudo code of what initializing with a proxy looks like:
Statsig.initialize(mySdkKey, myUser, { api: "https://my-statsig-proxy.com/v1" });
Depending on the SDK type, version, and proxy approach you are using, you may not need to append '/v1'
to the end of your api string. eg "https://my-statsig-proxy.com/"