accounts.setAccountInfo JS

Skip to end of metadata
Go to start of metadata

Note: This method is part of the Registration-as-a-Service and the Profile Management - IDS packages. Both packages are premium platforms that require separate activation. If neither are part of your site package, please contact your Gigya Account Manager or contact us by filling in a support form on our site. You can also access the support page by clicking "Support" on the upper menu of Gigya's site.


This method sets account data into a user's account. The method accepts a list of optional parameters each defining a field/object in the account. The parameters that are passed in the request modify the relevant fields, and the other fields remain unchanged.


Do not use this API to create new fields within your site schema, use the REST API accounts.setSchema.


Security and Write Access

For security reasons, we highly recommend using this method from the server side rather than from your web client. Pass the relevant data to your server and call accounts.setAccountInfo from your server.

By default, all the data fields in the Accounts Storage have a serverOnly write access, which means that only signed requests coming from server are allowed to write into these fields. This is defined in the default storage schema. If you wish to use this method from the client side, you will need to change the schema prior  to  using this method. Change the write access of all the fields you wish to set from the client side to clientModify using the accounts.setSchema API method. Otherwise you will receive the "Schema validation failed" error (errorCode 400020) in the method response.




The following table lists the available parameters:


addLoginEmailsstring A comma-separated list of emails that should be added to the user's  login identifiers  list, and can be used for login purposes.
A reference to a callback function. Gigya calls the specified function along with the results of the API method when the API method completes.
The callback function should be defined with the following signature: functionName(Response).
The "Response Object Data Members" table below provides specification of the data that is passed to the callback function.
A string of maximum 100 characters length. The CID sets categories for transactions that can be used later for filtering reports generated by Gigya in the "Context ID" combo box. The CID allows you to associate the report information with your own internal data. For example, to identify a specific widget or page on your site/application. You should not define more than 100 different context IDs.

Note: This parameter overrides the value of the identical parameter in Global Conf (the global configuration object). If the parameter is not set for the method, the value from Global Conf is used.

conflictHandlingstringHow the server handles a "login identifier exists" conflict on a new account:
  • fail - (default) returns a "login identifier exists" error.
  • saveProfileAndFail - profile data is saved before returning error "OK with error login identifier exists".
A developer-created object that is passed back unchanged to the application as one of the fields in the response object.
dataJSON objectAn object containing custom data. Any data that you want to store regarding the user which isn't part of the profile object can be stored here.

Note that when using this parameter for users that already have custom data stored, it is not necessary to set all the fields again. Just include the fields you want to change or add. For example, the following code adds a "car" field to the user's custom data with the value "Suzuki Alto", or, if a "car" field already exists, its value is changed to "Suzuki Alto". Any other fields in the custom data objects remain unchanged.

gigya.accounts.setAccountInfo( {data: {car: "Suzuki Alto"}} );

When set to true, no webhooks are triggered by the API call. The default value is false.

newPasswordstringThe new password to replace the old one. Use this parameter with  password. When passing the securityQuestion or securityAnswer parameters the password parameter is required.
passwordstringThe old password to be changed. Use this parameter with newPassword.
profileProfile objectThe user's profile information as described in the Profile object. You may add to the predefined Gigya fields your own custom profile fields.
rbaJSON object

Sets the specified user's rba policy. Available properties include: 

  • riskPolicy - (string) Determines the rule set from the defined rulesSets configured in the site's RBA Policy or one of the default policies.

If accounts.rba.setPolicy.allowOverride is set to no, this will return an error. You can delete a previously set override by setting the accounts.rba.setPolicy RESTallowOverride value to null.

Code example to set a policy:

rba: {
    "riskPolicy": "low"

Code example to remove the policy:

rba: {
    "riskPolicy": null

For setting a site's RBA Policy, see Risk Based Authentication - RBA.

removeLoginEmailsstringA comma-separated list of emails to be removed from the user's login identifiers list.
requirePasswordChangeBooleanWhen set to true the server will require a password change on the next login.
secretAnswerstringA secret answer to the secret question that can be used for verification. Use this parameter with  secretQuestion Changing the secret answer will not work without providing the existing password ( password  parameter).
secretQuestionstringA secret question that can be used for verification. Use this parameter with secretAnswer Changing the secret question will not work without providing the existing password (password parameter).
usernamestringThe user's new username that can be used as a login identifier, if the site's Login Identifier Policy allow that.
oldPasswordBooleanDeprecated . Use the password parameter instead.


Response Object Data Members

errorCode integer The result code of the operation. Code '0' indicates success, any other number indicates failure. For a complete list of error codes, see the table.
errorMessage string A short textual description of an error associated with the errorCode for logging purposes.
callId string Unique identifier of the transaction, for debugging purposes.
context object The context object passed by the application as a parameter to the API method, or null if no context object has been passed.

In case of a data validation errors (errorCode 400006), you will receive this field as an array of error objects. Each object represents a validation error regarding one of the following fields:  username, password, secretQuestion, secretAnswer, email. For example:

validationErrors: [
      "errorCode": 400006,
      "message": "invalid password - minimum length of 6 characters is required",
      "fieldName": "password"
      "errorCode": 400006,
      "message": "wrong format",
      "fieldName": ""


Code Sample

function setAccountInfoResponse(response)
    if ( response.errorCode == 400006 ) {            
       // check which field are invalid, correct them and call the method again...

var params = { 
    	profile: {
        	firstName: "Bob",
        	country: "Canada"
    	data: {
        	car: "Suzuki Alto"
    	secretQuestion: "What is your father name?",
    	secretAnswer: "David",
    	callback: setAccountInfoResponse


  • This sample is not meant to be fully functional code. For brevity's sake, only the code required for demonstrating the API call itself is presented.
  • To run the code on your own domain, add your Gigya API key to the gigya.js URL. A Gigya API key can be obtained on the Site Dashboard page on Gigya's website. Please make sure that the domain from which you are loading the page is the same domain name that you used for generating the API key.