SAP Customer Data Cloud Positions

Acceptable Use Policy

Skip to end of metadata
Go to start of metadata

API Calls

Below is a table that lists Gigya's Acceptable Use Policy - what is considered fair use of our platform - in numbers of API calls per license type and number of contacts (users).


  Up to 5M Up to 10M Up to 20M Up to 50M> 50M

# of logins per second


# of registrations per second

Identity# of searches per second1015203050
Identity# of other API calls per second120180280420630
Identity# of federated SAML/OIDC sites55101520
Consent# of searches per second55101520
Consent# of other API calls per second5070110160250
Profile# of ds records (Millions)5070110160250
Platform# of production sites103090180360
Platform# of test sites3060180360720
Platform# of user keys per account/partner100100100100100
Platform# of app keys per account/partner20305080120
Important Note

Rate limits for client-side calls are significantly lower than for server side calls, when making a server-side call, make sure you include appropriate security credentials (app secret or partner secret). Otherwise, the call will be treated as a client-side call for purposes of rate usage, causing you to hit the limit much sooner than you normally would.  

For more information on authorization, see Signing Requests to SAP Customer Data Cloud.


CIAM for B2B

The Acceptable Use policies relating specifically to CIAM for B2B are displayed in the following tables.


Number of CIAM for B2B UsersUp To 399,999 Users400,000 - 999,999 Users1M To 1.99M Users> 2M Users
# of organizations per account/partner (Maximum of 10% of allocated users)*10% of users10% of users150,000200,000


API Limits

Number of CIAM for B2B UsersUp To 399,999 Users400,000 - 999,999 Users1M To 1.99M Users> 2M Users
# of authorization calls per account/partner per second406090120



By default, you may create up to 5 IdentitySync dataflows per partner. To increase that limitation, please open a support incident explaining the need for additional flows. 

Unable to render {include} The included page could not be found.


Load and Security Tests

Load tests and/or security scans may not be performed on the Gigya platform without prior coordination with the Support team.

Failure to coordinate these types of tests in advance will cause Gigya to treat these tests as malicious, automatically triggering security measures which can cause service interruptions to your production systems.


Additional Information

* The number of organizations available for a partner using CIAM for B2B is a value equal to or less than 10% of the allocated users. For example, if a partner has an allocation of 75,000 users for CIAM for B2B then the partner may have no more than 7,500 organizations.