Before you start
Segments and audiences should explain who qualifies for a growth action. They should not override access control. Always keep Project membership and authorization checks separate from campaign targeting rules.
What you build
Audience logic can use:
- Project membership state
- Project role or permission-derived eligibility
- session recency
- lifecycle events
- campaign or notification history
- loyalty state
- plan and environment boundaries
Implementation steps
1) Start from Project scope in the console
Every audience should be tied to a Project and environment. This keeps sandbox tests, production campaigns, and audit history separate.
2) Use identity-safe attributes
Prefer stable membership and lifecycle facts. Avoid copying sensitive profile data into campaign tooling unless that system needs it and can protect it.
3) Re-check access before privileged actions
An audience can decide who receives a message, but privileged product UI still needs runtime authorization.
4) Log audience decisions
For important campaigns, keep the segment definition, execution time, Project, environment, and resulting audience size.
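The following sketch illustrates steps 3 and 4 together. It is an added example, not part of the platform's API: the in-memory `MEMBERS` store, the `billing:manage` permission, the `definition_sha256` field, and all function names are hypothetical, and the sample data is constructed.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample data; all names and values are hypothetical.
# (project, environment, user) -> permissions held right now
MEMBERS = {
    ("proj_a", "production", "u1"): {"billing:manage"},
    ("proj_a", "production", "u2"): set(),            # member without billing rights
    ("proj_a", "sandbox", "u3"): {"billing:manage"},  # sandbox membership only
}  # "u4" lost Project membership and has no entry

def is_authorized(project, env, user, permission):
    """Runtime authorization: reads current membership, never the audience."""
    return permission in MEMBERS.get((project, env, user), set())

def resolve_audience(segment, candidates):
    """Targeting only: keep users who are members of this Project and environment now."""
    scope = (segment["project"], segment["environment"])
    return [u for u in candidates if scope + (u,) in MEMBERS]

def decision_record(segment, audience, executed_at=None):
    """Audit entry with the fields from step 4; stores the size, not the user list."""
    canonical = json.dumps(segment["definition"], sort_keys=True)
    return {
        "project": segment["project"],
        "environment": segment["environment"],
        "definition": segment["definition"],
        "definition_sha256": hashlib.sha256(canonical.encode()).hexdigest(),
        "executed_at": (executed_at or datetime.now(timezone.utc)).isoformat(),
        "audience_size": len(audience),
    }

def open_billing(segment, user):
    """Privileged action behind a campaign link: audience membership is not consulted."""
    return is_authorized(segment["project"], segment["environment"], user, "billing:manage")

SEGMENT = {"project": "proj_a", "environment": "production",
           "definition": {"lifecycle_event": "trial_ending"}}
AUDIENCE = resolve_audience(SEGMENT, ["u1", "u2", "u3", "u4"])
RECORD = decision_record(SEGMENT, AUDIENCE)

if __name__ == "__main__":
    print(json.dumps(RECORD, indent=2))
    for u in ["u1", "u2", "u3", "u4"]:
        print(u, "targeted" if u in AUDIENCE else "skipped", open_billing(SEGMENT, u))
```

Here `u2` receives the campaign but is still refused the billing action, and `u3` and `u4` are never targeted because they hold no production membership at execution time.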
API coverage note
Use documented public APIs and webhook events for integration. When segment authoring is console-only, keep your product UI linked to the console workflow rather than duplicating unsupported rules.
Security and operational notes
- Do not target users after they lose Project eligibility.
- Treat audience export as sensitive data.
- Keep plan limit messaging clear when an audience exceeds campaign capacity.
Related docs
- Campaigns: /docs/growth/campaigns
- Analytics: /docs/growth/analytics
- Roles and Permissions: /docs/concepts/roles-permissions