Publishable keys on Dub allow you to safely embed authentication in client-side applications. These keys are specifically designed to be used with Dub’s client-side SDKs for features like conversion tracking. Unlike API keys which must be kept secret, publishable keys can be safely exposed in your frontend code since they have limited capabilities. Publishable keys on Dub follow the format:
.env
DUB_PUBLISHABLE_KEY=dub_pk_xxxxxxxxxxxxxxxxxxxxxxxx

Create a publishable key

You can create a publishable key by following these steps:
1

Generate your publishable key

Before you can track conversions on the client-side, you need to generate a publishable key from your Dub workspace.To do that, navigate to your workspace’s Analytics settings page and generate a new publishable key under the Publishable Key section.
Enabling conversion tracking for a workspace
2

Allowlist your site's domain

Then, you’ll need to allowlist your site’s domain to allow the client-side conversion events to be ingested by Dub.To do that, navigate to your workspace’s Analytics settings page and add your site’s domain to the Allowed Hostnames list.This provides an additional layer of security by ensuring only authorized domains can track conversions using your publishable key.
Enabling conversion tracking for a workspace
You can group your hostnames when adding them to the allow list:
  • example.com: Tracks traffic only from example.com.
  • *.example.com: Tracks traffic from all subdomains of example.com, but not from example.com itself.
When testing things out locally, you can add localhost to the Allowed Hostnames list temporarily. This will allow local events to be ingested by Dub. Don’t forget to remove it once you’re ready to go live!
3

Use your publishable key

You can now use your publishable key to authenticate client-side requests in your application. Usage will depend on the client-side SDK you are using.