Variables

Variables are key/value pairs injected into your Destination code at runtime. Use them for anything you don't want hard-coded — API keys, pixel IDs, endpoint URLs, feature flags, environment-specific values.

You manage variables from the Variables tab in the Playground UI. Each variable has a name, a value, and a flag that controls whether it's available in the browser.

You have two types. Variables and Secrets.

Use Variables when you need to store non-sensitive information, like URLs or pixel IDs. Use Secrets when you need to store sensitive information, such as access tokens or signing keys.

Server-side access

All variables are available in every edge file (edge/init, edge/tag, edge/user, edge/scheduled) and in your CDN and Server API handlers, under params.secrets:

const apiKey = params.secrets.API_KEY
const endpoint = params.secrets.WEBHOOK_URL

Variable names are whatever you type in the UI — they aren't transformed.

Exposing a variable to the browser

By default, variables stay server-side. If you need a variable in browser code (for example, a public pixel ID), tick the "also include on client" checkbox when you create it.

Client-side variables are available under a slightly different path depending on the browser file:

• browser/init — params.manifest.variables.PIXEL_ID

• browser/tag — params.manifestVariables.PIXEL_ID

• browser/user — params.manifestVariables.PIXEL_ID

// browser/tag
if (window.fbq) {
  window.fbq('init', params.manifestVariables.PIXEL_ID)
  window.fbq('track', params.eventName, { value: params.data.value })
}

Redaction in Simulation

When you run a simulation, Playground redacts sensitive values from the captured output. Any header or body key matching authorization, token, api-key, api_key, secret, password, or cookie is replaced with [REDACTED] before being shown. This keeps your logs clean even when your code legitimately forwards secrets to third-party APIs.