Livestream: The 5 Levels of AI Development Maturity

Announcing Visual Copilot - Figma to production in half the time

Builder.io
Builder.io
Contact sales

Livestream: The 5 Levels of AI Development Maturity

Announcing Visual Copilot - Figma to production in half the time

Builder.io
Builder.io

Preview Private Models

When you have private models in Builder.io, you can securely enable preview functionality using the builder.authToken property in the Gen1 SDK. This approach keeps your private API key secure on the server while allowing content editors to preview draft content in the Visual Editor.

The builder.authToken property authenticates your server-side requests to access private model content without exposing your private API key to client-side code. This is essential for maintaining security while providing a seamless editing experience.

Note: Setting builder.authToken is only needed if using the Gen 1 SDK. Gen 2 SDKs are stateless, and therefore do not require this additional step.

Prerequisites

Before you begin, ensure you have:

  1. A private model configured in Builder.
  2. A private API key generated in your Organization Settings.
  3. A Next.js project with the React Gen 1 SDK (@builder.io/react) installed.
  4. Server-side rendering setup using getStaticProps or similar.

Step 1: Configure your private model

If you haven't already created a private model, follow the instructions in Creating a Private Model to set up your model with the Public Readable toggle switched off.

Step 2: Set up server-side authentication

Configure your private API key on your server using builder.authToken. This property should only be set in server-side contexts like getStaticProps, API routes, or server components.

Add your private API key to your environment variables:

In your page component, set authToken during server-side data fetching:

Important: Never set builder.authToken in client-side code or expose your private API key in your front-end compiled code.

Step 3: Implement secure preview functionality

Use the useIsPreviewing() hook to detect when content is being previewed in the Visual Editor. This ensures your page renders correctly even when no published content exists:

For static generation, configure your paths to include fallback handling:

Step 4: Handle client-side rendering

The BuilderComponent receives the pre-fetched content from your server-side function. Since the private API key was used server-side, the content is safely passed to the client without exposing sensitive credentials:

Complete example

Here's a full implementation for a private model page:

What's next

Now that you have secure private model previewing set up, you can:

Was this article helpful?

Product

Visual CMS

Theme Studio for Shopify

Sign up

Login

Featured Integrations

React

Angular

Next.js

Gatsby

Resources

User Guides

Developer Docs

Forum

Blog

Github

Get In Touch

Chat With Us

Twitter

Linkedin

Careers

© 2020 Builder.io, Inc.

Security

Privacy Policy

Terms of Service

Get the latest from Builder.io

By submitting, you agree to our Privacy Policy

Platform

  • Fusion

  • Publish

  • Product Updates

Use Cases

Developer Resources

Frameworks

  • Design to Code

    >

  • CMS

    >

  • Page Builder

    >

Workflows

Resources

Popular Guides

  • Figma to Code Guide

  • Headless CMS Guide

  • Headless Commerce Guide

  • Composable DXP Guide

Company

Security

Privacy Policy

SaaS Terms

Trust Center

Cookie Preferences