👋 Next.js Conf 2024: Come build, party, run, and connect with us! See all events

Sanity client: CDN + authorization token

As detailed in the API CDN documentation, requests that include an authorization token cannot be cached. When you configure the Sanity client with a token and perform a query, we automatically route your request to the live API instead of the API CDN. Since this is probably not what you want, you will usually want to set the setCdn option to false, or remove the token.

Here are a couple of recipes to help you decide the right course of action:

Query a private dataset

If you include a token in a so called "single page application" which is public facing, your data is, in principle, already public. In this case, setting the dataset as private doesn't necessarily make sense. If, on the other hand, you actually want your data to be private - make sure that your application do not publicly disclose the token, and set the useCdn setting to false, since it will never use the API CDN anyway.

Do queries and mutations with the same client

In this case, instantiate two clients instead of one. One for write operations, and one for queries:

import sanityClient from '@sanity/client'

export const writeClient = sanityClient({
  projectId: 'some-project-id',
  dataset: 'my-dataset',
  token: process.env.SANITY_AUTH_TOKEN,
  useCdn: false
})

export const readClient = sanityClient({
  projectId: 'some-project-id',
  dataset: 'my-dataset',
  useCdn: true
})

Was this article helpful?