Skip to main content
Question

Should customer IDs be kept private

  • January 29, 2026
  • 1 reply
  • 20 views
focused_space-justin
Forum|alt.badge.img+1

Hello - wanted to clarify something I saw discussed in documentation and other questions. It seems that there shouldn’t be a big concern exposing a customer’s user ID to the customer themselves. Is there an issue with other people being able to discover a customer’s ID?

 

For example, we have IDs for our application users. These users may (in the future) interact with each other, for example user A might send a message to user B. Would it be a problem if the IDs that we use to enable identifying the target of the message are the same IDs we use to identify a user to RC? In other words, what would user A be able to do if they knew the customer ID for user B? Or: given our public API key (which is compiled into the app) and a customer’s ID, what information and operations are exposed?

 

It would be great if there was a RC security whitepaper or something like that which went over all the security considerations for implementation somewhere in the doc hub...maybe i’m missing it?

    1 reply

    alejandra-wetsch
    RevenueCat Staff
    Forum|alt.badge.img+6

    Hey ​@focused_space-justin

    Thank you for reaching out!

    As you mentioned, exposing a user's own user ID to that user is not a security concern. However, allowing other users to discover or see those IDs can be problematic.

    To provide additional details on the capabilities of Public API keys, they have access only to operations that can be performed through the SDK:

    • Fetch customer/subscriber information
      • Get entitlement/subscription status for a specific customer ID
    • Post purchases
      • These are validated server-side with the app stores, so invalid purchases are discarded 
    • Get available products/offerings for display in paywalls

    Since the public API key is embedded in your app, the only protection against users querying each other's subscription status is keeping customer IDs non-guessable and private.

    For this reason, we recommend using non-guessable App User IDs and not exposing them. If you plan to use the same IDs for both user-to-user interactions and RevenueCat identification, other users can look up each other's subscription status, which may not be desirable depending on your use case.

    Thank you for your feedback on the security documentation. We do have some mentions of security here and there, but there’s nothing specific. I’ll share this internally to add this to our docs!

    Alejandra, Developer Support Engineer @ RevenueCat
    Terms & ConditionsCookie settingsAccessibility statement