Skip to main content

WebOps previews are now private by default

· 2 min read

Users will now need to authenticate to VTEX in order to access WebOps previews generated for pushed commits in a FastStore repository.

To access the deploy previews, users will need to have access to the domain of the VTEX account indicated either in the GATSBY_STORE_ID from the vtex.env file or the api.storeId entry exported by the store.config.js file.

What has changed?

Previously, WebOps previews were published to public URLs by default. Now, they require VTEX authentication and are private by default.

Why did we make these changes?

Deploy previews may include changes to your storefront and new features that are not yet available to the general public. They may also trigger false phishing alerts since they are the same website hosted on a development domain. This change aims to prevent unauthorized access to such content while making the platform more secure.

What needs to be done?

Every new deploy preview will be private by default. However, to be able to log in and access the private previews, you must install the vtex.faststore-auth app in your account. To do this, run the following command:

vtex install vtex.faststore-auth

If, for any reason, you need your FastStore previews to be accessed by the public or third-party solutions, you may disable authentication by adding USE_DEPLOY_PREVIEW_AUTH=false to your project's vtex.env file.