Skip to main content

Documentation Index

Fetch the complete documentation index at: https://usegately.com/docs/llms.txt

Use this file to discover all available pages before exploring further.

Gately provides multiple ways to protect content on your website, from simple login requirements to plan-based access control.

Protection Methods

Data Attributes

Simple HTML attributes for quick protection

SDK Methods

Programmatic access control

Auto Protection

Automatic protection based on URL patterns

Member Content

Database-driven content access rules

Quick Start

Using Data Attributes

The simplest way to protect content: 
<!-- Require login -->
<div data-gately-protected>
  This content is only visible to logged-in users.
</div>

<!-- Require specific plan -->
<div data-gately-protected data-plan="pro">
  This content is only visible to Pro plan members.
</div>

<!-- Show only if logged in -->
<div data-gately-show-if="logged-in">
  Welcome back!
</div>

<!-- Hide if logged in -->
<div data-gately-hide-if="logged-in">
  Please log in to continue.
</div>

Using SDK Methods

// Check if user can access content
const canAccess = await gately.checkAccess('content-id')

if (canAccess) {
  showContent()
} else {
  showUpgradePrompt()
}

Protection Levels

LevelDescriptionUse Case
Login RequiredUser must be authenticatedMember-only content
Plan RequiredUser must have specific planPremium features
Custom RulesBased on user attributesAdvanced access control

How It Works

  1. SDK initializes and checks authentication
  2. Protected elements are identified by data attributes
  3. Access is checked against user’s session and plan
  4. Content is shown/hidden based on access rules
  5. Unauthorized users are redirected or shown alternatives

Configuration

Initialize Protection

Protection is automatically initialized when the SDK loads. You can customize behavior: 
gately.initPageProtection({
  // Redirect unauthorized users
  redirectIfDenied: true,
  
  // Check access on page load
  checkOnLoad: true,
  
  // Custom handlers
  onAccessDenied: (content, reason) => {
    console.log('Access denied:', reason)
  },
  
  onRedirect: (url, message) => {
    console.log('Redirecting to:', url)
  }
})

Redirect Rules

Configure redirects in your dashboard or via API:
TriggerRedirect To
Not logged in/login
No plan access/upgrade
After login/dashboard
After logout/

Best Practices

Always provide fallback content for users without JavaScript.
Show loading indicators while checking access to prevent content flash.
Tell users why they can’t access content and how to get access.
For sensitive content, always validate access on the server too.

Security Note

Client-side protection hides content but doesn’t secure it. For truly sensitive data, implement server-side access control using the API.

Next Steps

Member Content

Database-driven content protection

Auto Protect

Automatic URL-based protection