Description
The Edge API uses client-sent traits for segment evaluation even when allow_client_traits is disabled — a security gap that lets untrusted clients influence segment matching. The Core API correctly drops these traits.
Rather than silently changing evaluation behaviour for ~2% of paid SaaS customers who have this toggle disabled, we're adding a new environment-level field allow_client_traits_in_evaluation with a grandfathering SaaS-only migration so existing environments keep working while new environments get correct behaviour.
The Environment settings UI should reflect the new field and include a section for defining a policy for traits sent by client-side SDKs:
- The existing allow_client_traits should be controlled by the "Persist" toggle.
- The new allow_client_traits_in_evaluation field should be controlled by the "Use in evaluation" toggle.
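As an added illustration of the two toggles (this is example code written for this issue, not Flagsmith's engine), the model below uses hypothetical names EnvironmentSettings, Identity, effective_traits, persist_traits and evaluate; stored traits are always trusted, while client-sent traits only reach segment matching when allow_client_traits_in_evaluation is on, which closes the gap described above where the Edge API honoured them unconditionally.

```python
from dataclasses import dataclass, field

# Hypothetical model of the two environment-level toggles in this issue
# (illustrative only, not Flagsmith's own code).
@dataclass
class EnvironmentSettings:
    allow_client_traits: bool                # "Persist": store client-sent traits
    allow_client_traits_in_evaluation: bool  # "Use in evaluation": honour them when matching

@dataclass
class Identity:
    identifier: str
    traits: dict = field(default_factory=dict)  # server-side, trusted traits

def persist_traits(identity, client_traits, settings):
    """Store client-sent traits only when the Persist toggle is on."""
    if settings.allow_client_traits:
        identity.traits.update(client_traits)
    return identity.traits

def effective_traits(identity, client_traits, settings):
    """Traits a segment evaluation may see: stored traits always, client-sent
    traits only when the environment opts in. Otherwise they are dropped,
    which is the Core API behaviour the issue wants Edge to match."""
    traits = dict(identity.traits)
    if settings.allow_client_traits_in_evaluation:
        traits.update(client_traits)
    return traits

def segment_matches(traits, rule):
    """rule is {trait_key: expected_value}; every condition must hold."""
    return all(traits.get(key) == value for key, value in rule.items())

def evaluate(identity, client_traits, settings, rule):
    """One identify request: persist first (if allowed), then evaluate.
    Traits persisted here become stored traits and are trusted from now on."""
    persist_traits(identity, client_traits, settings)
    return segment_matches(effective_traits(identity, client_traits, settings), rule)

if __name__ == "__main__":
    # Constructed sample: an untrusted client claims an enterprise plan.
    locked = EnvironmentSettings(allow_client_traits=False, allow_client_traits_in_evaluation=False)
    user = Identity("user-1", {"plan": "free"})
    print(evaluate(user, {"plan": "enterprise"}, locked, {"plan": "enterprise"}))  # False
    print(user.traits)  # {'plan': 'free'}: nothing persisted either
```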
References
- Original report: Disabling traits persistence prevents traits to be used in segment evaluation #6739
- Edge API issue: https://github.com/Flagsmith/edge-api/issues/546
- Docs/frontend PR (on hold): docs: Clarify allow_client_traits toggle name and behaviour #6782
- Slack thread with CS team discussion