SAP Customer Data Cloud Positions


Skip to end of metadata
Go to start of metadata

Unable to render {include} The included page could not be found.

Unable to render {include} The included page could not be found.


Important Reminder

As of August 1st, 2018, Facebook has deprecated the publish_actions scope. You should remove this scope from all of your Facebook apps to avoid warning messages and update any implementations that rely on it. For more information, see Changes That May Require Your Action. For more information, see How To Remove Facebook publish_actions Scope.

As of October 6th, 2018, Facebook will no longer allow their Login app to be hosted on a non-HTTPS/HSTS page. All Facebook Login instances will require HTTPS on this date.



This page is a step-by-step guide for the process of opening and setting up an external desktop web application in Facebook as part of the Gigya Setup process.

For instructions pertaining to setting up a Facebook app for mobile devices, please see our Mobile SDKs section.

When using any 3rd Party Apps with SAP Customer Data Cloud, it is important to ensure that you Enable retrieving user contacts from the Permissions page of the Console prior to making your app live. This enables the user's contacts retrieval from providers that don't consider this an elevated permission.



To receive assistance from the Gigya team with your app's configuration, see Providing Gigya Access to Your Facebook App Settings .

Note: If your site is defined under one of Gigya's non-US data centers, replace domain references to "" (or "") with https://socialize.<data_center>/

Where <Data_Center>  is:
  • - For the US data center.
  • - For the European data center.
  • - For the Australian data center.
  •  - For the Russian data center.
  •  - For the Chinese data center.

If you are not sure of your site's data center, see Finding Your Data Center.

Domain references are defined in Gigya's dashboard, externally in social network app definition pages, and when using Gigya's SDKs to set the domain (in particular the APIDomain field in class GSRequest). 

Note: Facebook apps require a domain alias (CNAME) that redirects to Gigya, for example "" which redirects to an address assigned by Gigya Customer Services.  Please ask your Customer Data Cloud Implementation Consultant for the precise redirection definition. Facebook apps without a CNAME will not be able to share, as Facebook no longer supports sharing without a CNAME.

If you are only using Facebook for Login, it is recommended best practice to also use a CNAME. With the frequent updates to the Facebook API, and a trend of Social Networks to move towards deeper and broader security, it is likely that a CNAME may one day soon be required by Facebook for all apps.

Unable to render {include} The included page could not be found.

Phase 1 - Opening the Application in Facebook

  1. Log into your Facebook account.

  2. Open the Facebook developer's page at:
  3. In the top menu, click on "Apps" and select "Add a new app".

  4. In the popup, enter the Display Name for your new app and press Create New Facebook App ID.
  5. In the Create a New App ID popup:
    • Enter your Contact Email address.
    • If this is a test version of another app select Yes from the options.
    • Select a category for your app.
    • When you are done, click on "Create App ID" (and complete any required CAPTCHAs).

      Make sure you review the "Facebook Platform Policies" at

  6. You will arrive at the Dasboard for your new app.

    • For Facebook Login, locate the Facebook Login app from the Add a Product section and press Set Up.

    • Enter your site's domain in the "App Domains" field. These are the domains within which OAuth will authorize your app to view data. For example, if you use the CNAME "", the "App Domains" field must contain "". 
    • Your Contact Email should be filled in from the first step of the App process. If it is not, you will need to enter it here, this is required to activate your app to Live status.
    • Enter your Privacy Policy URL and any other relevant details. 

      A Privacy Policy URL, Terms of Service URL, and App Icon are required by Facebook.

  7. When prompted to choose a Platform, select Web.

  8. Enter your website's address in the Site URL, then click Save, and then Continue


    Note: To forcibly sign a user out of Facebook in socialize.logout, socialize.removeConnection or accounts.logout, the "Site URL" must match the name of your site.
  9. If necessary, scroll and click through the Quickstart guide.
  10. Click on the Settings tab of the Facebook Login Product.



  11. Enter your Valid OAuth redirect URIs. These will be either your Cname, or Gigya's server:


    If your website does not implement SSL (https), also enter:


    Locate your site's datacenter

  12. Copy the "App ID" and the "App Secret" strings (you will need to paste them in Gigya's website, as described in phase 2), use the Show button to see the "App Secret".

  13. After testing your app, be sure to navigate to the App Review tab and make your app public.

  14. Basic Facebook Login setup is now complete. You can proceed to Phase 2 or continue, below, for more advanced features.

  15. If you are defining an Android app for Facebook: 

    Click the +Add Platform button at the bottom of the page and add an "Android" platform.  You will need to enter your Android app's "Package Name" and the "Class Name" of its Main Activity as well as the app's key hash. The key hash is a unique app identifier generated with the Java keytool utility: for more information about this and setting up Android apps for Facebook see  Note that Android apps can be added at a later stage by updating the Facebook app and going to the "Settings" button's "Basic" tab (<YOUR-APP-ID>/settings/basic/). If you have an Amazon Appstore URL, you may enter that here also.

  16. Select the Advanced tab of the Settings page:
    • Set Native or desktop app? to "No".

    • Set App Restrictions as you require. 

  17. Click +Add Product and choose Facebook Login.


  18. Click the blue Save Changes button at the bottom of the page.
  19. If you are creating a Canvas App, click +Add Platform at the bottom of the Settings page again and select Facebook Canvas.For an explanation of the App Info > Details fields see



    The Following information, through Step 20, only applies if you want your app available via the Facebook App Store.

    • To access the App Center options, you must click the +Add Product button from the left menu and add the App Center option to your app.

    • In the App Center tab's App Info section enter a short and long description for your app, and tagline. For more information on Gigya's use of Facebook permissions see our permissions page
    • The app Category can be changed in this section.


  20. In the App Center Listed Platforms section, set Website to Yes

  21. Enter icons, banners, screenshots and videos in the relevant sections. For Facebook information on the requirements see The minimum requirements for these sections are:
    • Icons section - At least a logo.
    • Banners section - At least a web banner and cover image.
    • Screenshots - At least 3 screenshots are required.
  22. Click the "Localize" button on the left if you want to configure your app's details for viewing in other languages.
  23. Optional: Facebook provides an option to request approval for your app. Note that this may take some time and is not required for logging in with Facebook.
    • If you do want to get Facebook approval, click on the App Review tab on the left, set your app to be available to the general public (unless it is still being tested).
    • To request a formal review for extended permissions, click Start a Submission
    • A dialog box will open for you to select the Apps to be included in the submission (more than one app may be submitted at once).

  24. Optional: You can ask for login permissions beyond the basic ones. This will need to be submitted for approval by Facebook. The full list of additional permissions can be found here.
    • If you want to ask for login permissions beyond the basic ones (email, public_profile and user_friends are the basic).
  25. If you request permissions that require additional steps to complete, you will receive a popup warning informing you of any steps that still need to occur to submit your app for review.

    • You will then see the steps required to complete your submission. You will need to include screenshots and notes regarding your planned use of the new permissions:

    • After you click on Edit Notes you need to complete the questionnaire that appears, which may look similar to the following, however, each permission you request has different requirements. For each specific permission you request, you will need to complete the corresponding Edit Notes section: 

    • Click the Save button to complete the Edit Notes section. For help with individual sections you can reference this page.


Recommended Best Practice for using Webhooks:

You can not setup custom Webhooks within a Facebook App connected to Gigya.Gigya uses Social Sync to monitor and track Facebook Webhooks. Gigya's Social Sync enables your user's account data to be automatically updated whenever your Facebook users update their profiles on Facebook; these changes will sync automatically to their existing accounts in Gigya. 

The Gigya Platform uses a specific implementation of Facebook's Webhooks API. Facebook only allows a single Webhook used for subscription per application, so you can not use unique app specific settings in a Facebook application that is being used with Gigya.

Any custom settings within the Facebook Webhooks section of your app will be overwritten when you connect your app to Gigya in the following section: Phase 2 -Configuring Facebook's Application Keys in Gigya's Website, as well as anytime you make changes within the Gigya Console. For this reason you can not use custom Webhooks settings within your connected Facebook app.

When you configure your Facebook Provider Configuration in the Gigya Dashboard (below), the Webhooks settings in your Facebook app will be automatically configured (and overwritten if necessary) for integration with the Gigya Platform.

Gigya automatically subscribes to the following fields: birthday, education, email, first_name, hometown, last_name, likes, location, music, name, religion and work.

Test Users

In order to submit an app for approval, you must have previously used your app with the permissions you are requesting. You can do this by using Test Users. To set up Test Users, go to the Roles tab of the Facebook Dashboard and select Test Users.



Test Apps

You can create a test app for development that is a child of your live app, so that you can edit the configuration while leaving your current app live. To create a Test App, inside the Facebook Dashboard, select +Create Test App from the current app's Dashboard drop-down.

For more information, see the Facebook documentation at



Phase 2 - Configuring Facebook Application Keys in The Gigya Website

  1. Open the Providers Configuration page of Gigya's Console.
  2. From the list of main social networks, select Facebook.
  3. Paste your keys (the "Secret Key" and the "Application Id" from the end of phase 1) in the corresponding places:

  4. Enable native SDK capabilities is required to use cross-device SSO and auto login. 
  5. Select Secure redirects only to allow only HTTPS redirects from Facebook.
  6. If you defined a canvas application in Facebook, enter its URL. 
  7. Click OK, and then Save Settings at the lower right-hand corner of the page.


Phase 3 - Setting Up Your Facebook For Business Account

Facebook issues app-scoped user IDs to users who register to your app, meaning that a 'providerUID' obtained from Facebook is only valid in the scope of that particular app. Since each app is associated with a single site, clients with multiple sites are recommended to create a business account in Facebook in order to bind users' data from all sites under a single business entity. This step can be performed at any point, and any existing Facebook app can be bound to the business entity that you create. 

Once you set up your business entity on Facebook, any user that registers to multiple sites is recognized across your different sites and his social data can be aggregated under a single identity. Gigya automatically recognizes your business and associates it to all of your apps, so no further configuration is needed other than setting up your Facebook business entity and associating all of your Facebook apps to your business.

App-scoped data can be obtained via the the identity object. The identity holds an array called 'mappedProviderUIDs' which contains pairs of Facebook 'Users ID' and the site API key that uses the associated app.

Make sure that all of your Facebook apps are using the same Facebook API version.

That's it, Facebook configuration is complete! Please note that it might take up to 10 minutes for our system to become synchronized with Facebook.

Note: To learn how to localize your Facebook application to different languages, please refer to