Private dataset with read token returning drafts - how to exclude them?

2 replies
Last updated: Jun 23, 2023
Hey Fam! I am quite new to Sanity and I have a question about the private dataset / read token!

So for me, I think it would be best to have the datasets private, since I don’t want anybody who has the API URL to be able to fetch data.
I already made the dataset private and added a read token to my queries so I can fetch the data.

• But with the read token, the drafts are also returned on the deployed version of the app (which I don’t want).
Is there a way / setting so that the dataset can be private and does not return drafts?

Maybe I also have some misunderstanding here.. :D

Would be great if anybody could help me understand this better!

Thank you in advance and have a great weekend already!
AI Update

Great question! You're on the right track with making your dataset private and using a read token, but you need to configure the perspective option in your Sanity client to exclude drafts from your production app.

When you use a token (even a read token), by default the API may return both drafts and published documents. The key is to set the perspective option to 'published' when configuring your Sanity client. This tells Sanity to only return published documents and exclude any draft versions.

Here's how to configure your client:

import {createClient} from '@sanity/client'

const client = createClient({
  projectId: 'your-project-id',
  dataset: 'your-dataset',
  apiVersion: '2025-02-19', // use current date or latest API version
  token: 'your-read-token', // your private read token
  perspective: 'published', // This is the key! Only returns published docs
  useCdn: true, // can still use CDN with published perspective
})

The perspectives feature gives you different views of your content:

  • published - Returns only published documents (what you want for production!)
  • previewDrafts - Prioritizes drafts over published versions (great for preview environments)
  • raw - Returns everything, both drafts and published

For your use case, you should:

  1. Keep your dataset private ✅
  2. Use a read token in your client ✅
  3. Set perspective: 'published' in your production client ✅

If you also have a preview environment where editors need to see draft changes, you can create a separate client configuration with perspective: 'previewDrafts' for that environment specifically.

Note: With the recent API version 2025-02-19, published is now the default perspective, but it's still good practice to explicitly set it in your client configuration for clarity.

This way you get both security (private dataset with token authentication) AND clean production data (no drafts)!

Have a great weekend! 🎉

👋 Using a token gets you access to all documents, including those that are on a non-root path (like a draft). Here’s an explanation that should help make this a bit clearer.
❤️ thank you!
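
The thread above comes down to two facts: a token can read documents under the `drafts.` ID path, and the client's perspective decides whether they are returned. The sketch below is an added example, not part of the original thread or Sanity's own code. It pins the perspective per environment, adds the GROQ draft filter as a second layer, and checks a response for leaked draft IDs. The function names, the `'preview'` environment label and the sample response are assumptions made for illustration.

```javascript
// Added example; clientConfig, excludeDrafts and findLeakedDrafts are hypothetical names.

// Draft documents live under the "drafts." ID path; published ones sit at the root.
const DRAFT_PREFIX = 'drafts.'

function isDraftId(id) {
  return typeof id === 'string' && id.startsWith(DRAFT_PREFIX)
}

// Build the options object handed to createClient() for a given environment.
// Anything that is not explicitly 'preview' is pinned to the 'published' perspective.
function clientConfig(env, token) {
  const preview = env === 'preview'
  return {
    projectId: 'your-project-id', // placeholder
    dataset: 'your-dataset', // placeholder
    apiVersion: '2025-02-19',
    token,
    perspective: preview ? 'previewDrafts' : 'published',
    useCdn: !preview, // choice made for this example: preview reads skip the CDN
  }
}

// Wrap a GROQ filter so drafts are excluded even if the perspective is misconfigured.
function excludeDrafts(filter) {
  return `*[(${filter}) && !(_id in path("drafts.**"))]`
}

// Recursively collect draft IDs from a query result, including nested documents.
function findLeakedDrafts(result, found = []) {
  if (Array.isArray(result)) {
    result.forEach((item) => findLeakedDrafts(item, found))
  } else if (result && typeof result === 'object') {
    if (isDraftId(result._id)) found.push(result._id)
    Object.values(result).forEach((value) => findLeakedDrafts(value, found))
  }
  return found
}

// Constructed sample response, shaped like a token-authenticated query that returned drafts.
const sampleResponse = [
  {_id: 'post-1', title: 'Launch', author: {_id: 'author-1', name: 'A'}},
  {_id: 'drafts.post-1', title: 'Launch (edited)'},
  {_id: 'post-2', title: 'Notes', author: {_id: 'drafts.author-2', name: 'B'}},
]
```

Running `findLeakedDrafts` over real query results in a deployment smoke test turns a misconfigured perspective into a failed check instead of unpublished content on the live site.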
