Mixpanel Community Icon
Join Our Community
Mixpanel Bot

Restricting Mixpanel Project Token to a Specific Domain for Security

Avatar of Noah H.Noah H.
·
·

Is it possible to restrict a project to a domain? Meaning that for example only my-domain.com could send data to mixpanel with that project token. Would be great for security without having to set up a proxy

2 comments

  • Avatar of kapa.ai
    kapa.ai
    APP
    ·
    ·

    Hi Noah H., Please stand by as I search the Mixpanel knowledge base for an AI-powered answer. I normally take about 15 seconds or so. In case AI cannot answer your question, feel free to reach out to Mixpanel support at mixpanel.com/get-support. If you have follow-up questions for this thread, please tag me again with your question: @kapa.ai <follow-up question> đź‘‹

    Feel free to ask a follow-up question once I've answered by mentioning me with @kapa.ai

  • Avatar of kapa.ai
    kapa.ai
    APP
    ·
    ·

    Based on the knowledge sources provided, there isn't specific information about restricting a Mixpanel project to accept data only from a specific domain without using a proxy.The documentation does mention a few related security approaches: 1. Tracking via Proxy: Mixpanel supports routing events through your own domain proxy, which can help with ad-blockers and potentially provide some security benefits, but this is the approach you're trying to avoid. Mixpanel SDKs: Javascript2. Domain Claiming for SSO: There is functionality for claiming domains, but this is related to Single Sign-On authentication for accessing Mixpanel, not for restricting which domains can send data to your project. Single Sign-On3. Separate Development Data: The documentation recommends using separate projects for development and production environments, with code that automatically switches between project tokens based on the domain, but this doesn't restrict which domains can use a particular token. Developer Environments4. Data Views and Classified Data: These features allow you to control who can see what data within your organization, but don't restrict which domains can send data. Setting Up MixpanelThe knowledge sources don't mention a built-in way to restrict a project token to only accept data from specific domains without using a proxy. You might want to contact Mixpanel support directly to see if there are any other security options available that aren't covered in these documents.

    kapa.ai is still learning and improving, please let me know how I did by reacting below.

    ℹ️ Tip: Mention @kapa.ai in the thread for follow-ups or DM the app for 1-to-1 help.