# Safe Mode ### About Safe Mode restricts who is allowed to sync stance-related state to the server. When enabled, the `trueStancer:syncState` event checks whether the calling player has been explicitly authorized. Authorization is controlled server-side through the `addAuthorizedUser` and `delAuthorizedUser` exports. If a player is not registered as authorized, their sync request is rejected and no shared state is updated. This means unauthorized clients cannot push stance, suspension, or tyre-related changes into the vehicle state bags or global synced data. As a result, any changes made without authorization will remain local to that client and will not be replicated to other players. To allow a client to use protected functionality while Safe Mode is active, you must explicitly mark that player as authorized from the server before they attempt to sync data. This should be done as part of your own flow, such as after validating the player, when the vehicle is being loaded, or before allowing access to stance-related client actions. If a player is not authorized before attempting to use these features, the sync call will be blocked. In that case, the client may still appear to apply changes locally, but those changes will not be written to synced state and will not exist for anyone else on the server. *** ### How To Enable Safe Mode can be enabled in the `config/serverSettings.lua` file. ``` trueStancerServerCfg = { safeMode = true, -- Turn on for usage of authentication on every sync call, if disabled cheater local script calls will be visible to everyone! -- Authorization is required from the server side. } ``` When `safeMode` is set to `true`, every sync call requires server-side authorization. If a client is not authorized, its sync request will be rejected and its changes will remain local only. When `safeMode` is set to `false`, sync calls are no longer protected. This means unauthorized client-side script calls can be replicated to other players. *** #### Open Hook Authorization Safe Mode can also be used through an open hook export. The `addAuthorizedUserOpen` export allows another server-side resource to provide a callback function that decides whether a player should be authorized. The callback must return: ```lua true -- player is allowed and will be authorized false -- player is blocked and will not be authorized ``` *** ### Related Tutorials {% content-ref url="/pages/vlLYnmg6LBRGJjDGIQnC" %} [Using the AutoStancer Feature](/truestancer/tutorials/using-the-autostancer-feature.md) {% endcontent-ref %} *** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://trueseries.gitbook.io/truestancer/features/safe-mode.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.