Gigya Job Openings

Release Notes

Skip to end of metadata
Go to start of metadata

October 2019

October 15, 2019

Global Access

Global Access enables you to provide your customers a consistent user experience, while honoring regional data privacy and residency regulations. With Global Access, when a customer travels around the world and accesses your localized sites, they log into their account and continue their relationship with your brand, no longer requiring a separate account or complex IT configuration. Users' data is stored at the data center they used to create their account, so that data residency regulations are upheld without compromising experience.
Global Access is now available for early adopters. If you have interest, reach out to your Customer Engagement Executive or open a support ticket.

September 2019

September 25, 2019


  • Updated Sites page of the SAP Customer Data Cloud Console includes the following: 
    • Ability to search for sites by site domain, ID, data center, description and API key, in addition to tags.
    • Pagination at bottom of site list: 
    • Ability to collapse or expand all site groups: 

Email Verification

  • You can now offer users the option to validate their emails using a code sent to their emails, instead of a link. This option, configured with a site policy, ensures that users stay in the context of the registration flow. For more information, see Email Verification and Email Update. Note that currently, social login with email code verification is not supported.


Our recently released Android and Swift SDKs include new 2-factor authentication libraries, that enable implementing Risk Based Authentication on your native apps, rather than using screen-sets.

In addition, recent SDKs include the following features:

  • Swift: support for Apple ID login, session expiration, GigyaWebBridge, latest Facebook SDK; bug fixes.
  • Android: support for Apple ID login, GigyaWebBridge, bug fixes. 
  • Cordova: support for our legacy Android and iOS SDKs.
  • iOS: disabled WeChat, to prevent a rejection of your app by Apple. WeChat support will return when the WeChat SDK supports iOS 13. Support for Apple ID login, latest Facebook SDK.
  • Objective C: disabled WeChat, to prevent a rejection of your app by Apple. WeChat support will return when the WeChat SDK supports iOS 13.

September 24, 2019


  • You can now opt in to webhook events for lite account interactions, by creating a webhook with a version of 1.1. Turning on lite webhook notifications may cause you to receive events you did not previously anticipate, as well as an accountType and callId, so make sure your downstream systems are prepared for this change before creating a 1.1 version webhook. For more information, see Webhooks.

Risk Based Authentication

  • You can now use SAP LiveLink to send out second factor SMS codes, in addition to Twilio, when configuring Risk Based Authentication

September 16, 2019

Apple Sign-In

  • You can now add Apple as one of the options for Social Login, to allow users to log in with their Apple IDs. 

August 2019

August 31, 2019

Sitecore versions < 9 Deprecation

  • As previously announced in November 2018, due to a change in Sitecore's internal architecture, all Sitecore GConnectors for all versions prior to 9.0 have been deprecated and are no longer available. 

August 26, 2019

Phone Number Login

  • New user-facing flow allows users to update their login phone numbers. For more information, see Phone Number Update.

August 14, 2019


July 2019

July 31, 2019


  • You can now add custom HTTP headers to Webhooks, made of key-value pairs, to be sent together with the webhook notification. You can use these headers to add any additional details and context to the notification, e.g. an ID or flag that is consumed by a third-party system downstream.

July 29, 2019

Lite Registration

  • A new lite account progression policy enables merging lite data into the full account at the moment of progression from lite to full. For more information, see Lite Account Progression


  • New notifyLastRecord parameter added to the record.evaluate script used for creating custom scripts. This is used to indicate that the last record in the batch has been handled.

Risk Based Authentication

  • New Android and Swift SDKs enable the completion of a push notification flow, in the event that users have biometric authentication enabled on their phones. In those cases, users will first authenticate with their biometric identification, then receive push notifications. 

July 19, 2019


  • You can now configure your site policy to require email verification from social users, using the SAP Customer Data Cloud Console. Previously, this could only be done using an API call. 

July 11, 2019

CIAM for B2B

SAP Customer Identity and Access Management for B2B is now available! CIAM for B2B helps enterprises manage the end-to-end identity lifecycle of their partner's users with efficiency. It takes the capabilities of fine-grained authorization based on smart policies, and combines them with authentication and identity management, to provide you with a clear view of your partners, their members, and your relationships, easily managed in an intuitive, visual experience. 

July 1, 2019


  • New synchronous parameter added to the SAP Marketing Cloud writer, enabling working in a-synchronous mode. A-synchronous mode is faster, but you will not receive feedback of errors and job status. These should be handled in SAP Marketing Cloud.
  • maxConnections parameter added to datasource.write.external.generic.


Complete redesign of our Android and Swift SDKs. Based on developer feedback, they are driven by 3 core concepts: 

  • Aligned with up-to-date development and performance standards
  • Great customer development experience (never leave the IDE)
  • Focus on common business flows

Enjoy the following benefits:

  • Better performance
  • Work easily with your schema as it's now easily integrated with the entire SDK
  • Caching of the end-user's account data to reduce network calls
  • Built-in business flows, like registration, login and more, with out-of-the-box handling of different interaction scenarios.

Our new SDKs: 


  • You can now specify a value "id_token" in the include param of APIs that return a UIDSignature (e.g. accounts.loginaccounts.getAccountInfo), to return an id_token in JWT format. The token can be used to validate the data and ensure it has not been tampered with. 

June 2019

June 26, 2019

Risk Based Authentication

  • You can now implement a verification process where users receive push notifications to their mobile phone, after they sign in to your mobile app. For more information, see Push Notification.

June 19, 2019

Phone Number Login

  • SAP Customer Data Cloud now allows you to offer your users to authenticate with their mobile phones, using a one-time password received as an SMS message. Setting up Phone Number Login requires setting up an SMS provider. This adds to the various Authentication Methods offered by SAP Customer Data Cloud, such as social login and OIDC.

May 2019

May 20, 2019


  • New login screen to the Console includes a cleaner design and alignment with SAP branding: 
  • You can now manage your cookie preferences for the Console, by opening the user menu and selecting Cookie Preferences:


  • updateDateField parameter added the subscription and consent objects in datasource.write.hybrismarketing, thus adding support for syncing the original subscription or consent date into SAP Marketing Cloud. 
  • When using the generic API writer, you can now pass a field value to parameters and headers, and not just a hard coded value. This enhances the flexibility and usability of the generic API writer. 
  • New look and feel of the IdentitySync Studio in Gigya's Console

April 2019

April 29, 2019


  • SAP Commerce Cloud: Added support for v1811. 

April 24, 2019


  • New component, datasource.write.external.generic, for writing user record data to an external service endpoint. This writer complements existing writers that write data to specific target platforms (both 3rd party services and file storage platforms), and greatly increases the flexibility of the IdentitySync platform. 
  • New error parameter when building IdentitySync Custom Scripts, for sending a failed record to the error path.

March 2019

March 25, 2019


March 11, 2019


  • New version of our Drupal 8 GConnector now supports calling any Gigya screen-set within the connector, enabling Lite and Consent flows. Previously, you could only call the registration, login and update profile flows. 

February 2019

February 27, 2019


  • Changed look, including full-screen display of Console tools, changed backgrounds and colors
  • Changed header that includes:
    • New control for the partner name selector
    • New control for the site selector
    • New user menu that includes the “Admin” menu item, account management and more

February 25, 2019




February 11, 2019


  • New parameters in datasource.lookup.gigya.account
    • isCaseSensitive allows performing a case insensitive lookup. Note that regardless of the value of this parameter, lookups of all 'basic-string' values are always case sensitive.
    • matchBehavior decides what to do in case of a match between the source field and the Gigya field. This can be used when you wish to import only those records that do not exist on the the target platform.
  • New parameters in and secret added for reading Gigya comments from a different source site.  



  • The Magento 2 GConnector now supports calling any Gigya screen-set within the connector, enabling Lite and Consent flows. Previously, you could only call the registration, login and update profile flows.
  • New release of the SAP Commerce Cloud GConnector, with an updated Java SDK.

January 2019

January 28, 2019



  • You can now dynamically display to logged-in users the value of a field saved to their account (e.g., display their first names stored in the profile.firstName field), using any type of control in the UI Builder. Previously, only labels supported this capability. 


Recently released SDKs: 

January 14, 2019


Risk-Based Authentication

  • Users who use time-based authentication as their second authentication factor, may now print backup codes to use in case they cannot access their device. This option is available from their Profile Update screen: 

    On mobile devices, users may generate and view their codes, but cannot print them.

December 2018

December 18, 2018

Lite Registration

  • When Lite Registration is performed using accounts.setAccountInfo, a UID is returned in the response.
  • Lite Preferences Center can now include user-editable profile and data fields, and not only preferences.
  • Emails used in Lite Registration are now validated with the same logic used for (Gigya's default validation, or a regex expression defined in the format parameter for profile fields in accounts.setSchema).


  • When a job fails after processing some files, it will now go into "retry" mode and attempt to handle the remaining files, while ignoring those already processed. 
  • fileNameRegex parameter added to the Amazon S3 reader, for filtering files by their name.

OpenID Connect

  • Site admins can now set a custom issuer for OIDC in the Console.



December 3, 2018


  • New Extension, onBeforeSocialLogin, is triggered when a user performs social login. Currently, the extension is supported only for SAML login, and will be expanded later on to include other types of social login. 


  • Updates to the SAP Marketing cloud writer (datasource.write.hybrismarketing):
    • New timeout parameter for configuring the time to wait for a response from the platform
    • New mobileField parameter for passing a contact's mobile phone number into SAP Marketing Cloud
    • New communicationType field in the consent object, for passing the communication type to which the contact consented
  • timeout parameter added to SFTP and FTP writers and readers
  • In custom scriptssetSessionParameter is now limited to 100 lines. 

November 2018

November 19, 2018


  • New "Fallback policy" setting allows choosing between ignoring all errors in the execution of an Extension, and failing all flows if an error occurs.


  • New templates available in IdentitySync Studio, when creating a dataflow: 
    • Import Full Accounts from SFTP

    • Import Lite Accounts from SFTP

November 13, 2018

  • New header in Gigya's Console, includes the following: 
    • New SAP logo, replacing the Gigya logo

    • Changed control for the partner name selector

    • Changed control for the site selector

November 5, 2018


  • New component,, for reading data "blobs" from the Azure Blob cloud storage using an access token.
  • New parameters added to  datasource.write.gigya.generic : apiKeyuserKey and secret, enable the usage of the generic writer in a Gigya-to-Gigya data transfer scenario. These parameters are used as credentials from the source site, from which to read data. 

October 2018

October 15, 2018


October 8, 2018


The new Extensions feature allows you to flexibly implement custom validations on Gigya login, registration and profile update flows. Using Extensions, you can meet a wide range of business use-cases, such as:

  • Prevent a user from registering with an abusive username
  • Prevent a user from registering with a disposable email address
  • Validate that zip codes match country and state provided

To use Extensions, host custom functions on your site or a serverless computing host (e.g. Lambda). Then, specify which Extension Endpoint (Gigya flow) to attach these functions to. Based on the response received from the Extension endpoint, the service will either allow the flow to proceed, or block it if the validation failed.

Lite Registration

  • You can now create a Lite Preferences Center where lite users can view and edit their privacy and communication settings. This was previously only available for fully-registered users.


  • You can now receive from Twitter an email address in addition to other user details. Note that this depends on approving your app with Twitter, and the individual user's permission. 

October 2, 2018

Risk-Based Authentication

  • You can now offer to users time-based authenticator apps (such as Google Authenticator) as the second step of authentication, in addition to SMS codes. When more than one option is enabled in your RBA configuration, users will now see a drop-down control from which to select their authentication preference:
  • New IPRatio global rule, for triggering an action (e.g., lockout) based on the percentage of failed logins, of the total login attempts.

August 2018

August 27, 2018

  • Gigya's OpenID Connect offering now supports custom scopes and claims. 

August 13, 2018


July 2018

July 25, 2018

  • You can now define entitlements to which a user can grant consent. These entitlements are linked to a specific consent statement. For example, a user can agree to the terms of a contest, and as part of that consent, agree to share their data with a raffle ticket provider (one entitlement) but not with the promotions department (separate entitlement). 
  • In the Consent History tab of Identity Access, you can view the entitlements associated with a consent interaction.

  • In the Consent Vault, the following were added: 
    • A record of the entitlements associated with the consent interaction
    • User Action Timestamp. While it will usually be identical to Timestamp (UTC), the user action timestamp is used to differentiate in import scenarios between the time the record was added to the system, and the original time at which the consent interaction took place. 

July 15, 2018

  • New Audit Log tab added to Identity Access, for viewing audited actions within the context of the user's profile. This replaces the Account Audit Log, which was to be found in the Admin tab of the Console.

July 3, 2018


  • New integration with DocCheck uses Gigya's social login to authenticate medical professionals. 

UI Builder

  • Improvements to the Array Manager ensure a much smoother flow in the UI Builder, when adding and mapping the widget. 

July 2, 2018

  • New limitation placed on several Email Templates placeholders, to discourage spam abuse of Gigya's platform:
    • Maximum length of 30 characters
    • Period characters are replaced by a visually-identical unicode character, to prevent planting clickable links in placeholders 

June 2018

June 26, 2018

Identity Access

  • If your site implementation includes Customer Consent, a new Consent History tab displays an audit of the consent transactions captured for this user, in a user-friendly timeline format.


  • New addResponse parameter in datasource.write.gigya.generic enables including Gigya's API response in the output file, which can then be used in a later step. 
  • You can now connect the generic writer (datasource.write.gigya.generic) to a next step that follows a successful run, and not just a failed one.


June 20, 2018

Consent (Enterprise Preference Manager)

  • User deletion is now captured in the Consent Vault (in addition to the Audit Log). The action is recorded as "Deleted" and the ID of the action is "Right to be forgotten". 

June 6, 2018

Consent (Enterprise Preference Manager)

  • A new verifyLoginInterval parameter in the Global Configurationobject allows you to periodically check the validity of the user account, and automatically log out users whose consent is no longer valid after a consent version update. This ensures that users who have an active long-lived session (“Remember me”), will be asked to re-consent when the active version of a mandatory consent statement changes.


  • You can now use FunCaptcha as a CAPTCHA provider in your login and registration screens, instead of Google. This is especially useful as an added security measure in countries that do not allow using Google’s solution, such as China. Note that this integration requires a FunCaptcha subscription.

June 3, 2018

Enterprise Preference Manager

  • You can now extend the consent statement by defining custom key-value pairs of data for each statement. The consent custom data will be available on the account (when calling or accounts.getAccountInfo), and will be audited in the consent vault

May 2018

May 28, 2018

Identity Access

  • If your site package includes Enterprise Preference Manager, you will have access to the Privacy Tab, which displays the user's consent status to your site's terms of service, privacy policies and other consent statements.

May 13, 2018

Language Support

  • Support added for 3 additional languages on Gigya screens and SDKs: Latvian, Lithuanian and Estonian. This includes default translations for all screen-sets, and localized user-facing error and information messages. For more information on localization, see UI Builder Localization and Advanced Customizations and Localization

May 7, 2018

Identity Access

New actions added to the Identity Access user management dashboard: 

  • Remove Identities: Remove a social or federated identity from the user's account. After removal, the user will not be able to log in with that identity, and data from that source will be deleted. 

  • Reset TFA Devices: Reset the devices used as the second factor for authenticating the user. In their next login, they will need to register a device.

  • Force TFA Expiration: Force the user to provide second-factor authentication the next time they log in.

April 2018

April 29, 2018

Audit Log

Identity Access


  • You can now stop a job mid-run, by hitting the Stop icon in the Job history window: 
  • The inferColumns parameter was removed from file.format.dsv, as column names are inferred automatically, or set manually using the columns parameter. 

April 25, 2018

Identity Access

  • You can now unlock an account that was locked out because they triggered an RBA policy (for example, had 3 unsuccessful login attempts). 

April 15, 2018

Risk Based Authentication

  • If you are using two-factor authentication as part of RBA, you are now required to provide your Twilio credentials in the RBA configuration page. For more information, see Twilio Credentials for Mobile Authentication

April 10, 2018

Social Provider Configuration

  • When configuring social providers, you now have the option to allow only secure (HTTPS) redirects. When choosing this option, you should also make sure your social provider apps are configured to use HTTPS redirect URIs.

April 2, 2018

Enterprise Preference Manager

  • You can now display to users the reason why their personal data is being collected (Purpose), and include a document URL to the statement to which they are agreeing. These can be displayed in any of the supported languages. For more information, see Consent Management.

March 2018

March 26, 2018

Identity Access


Identity Access has a new design. The new dashboard provides administrators and customer service teams with a holistic view of customer profiles, and the ability to manage customer experiences. This update includes:

  • Smoother admin flows, with information arranged logically by tabs (profile, preferences, loyalty)
  • Friendly design with intuitive behavior
  • New capabilities include:
    • Main user list includes both lite and full users
    • Filter for users by their registration status or email ownership
    • Search for users by their full name
    • Perform quick actions from the main page, without having to go into individual profiles: verify an email address, resend a verification email, send a reset password email, and disable / enable login.
    • Manage complex objects and arrays: add new arrays of data to a profile, assign values to existing objects, or delete values.
    • Manage subscription tags
    • Easily move between accounts without the need to go back to the main list

Enterprise Preference Manager

  • You can now add tags to consent objects by using the metadata control in the UI Builder. These tags will be displayed in the Consent Vault for the relevant consent action.

March 21, 2018

Risk Based Authentication

  • Risk Based Authentication now also processes login attempts made by unknown (non-registered) accounts, where previously it only processed information of known (registered) accounts.

  • You can now customize the sender name and message that are sent in an SMS message when two-factor authentication is triggered. For more information, contact your Gigya Customer Engagement Executive.


March 6, 2018


  • Permissions to run an IdentitySync job are now granted automatically on the worker, for partners and users with the relevant permissions. 
  • When creating custom scripts using the record.evaluate component in IdentitySync studio, you can now expand to full-screen mode for easier code editing: 

February 2018

February 26, 2018


  • When reviewing the details of a job in the Job History page, you can now sort by each one of the step metrics (e.g., by duration, step name, number of errors). 
  • New newsletterField in datasource.write.silverpop enables writing to Silverpop's built-in status field, rather than to a custom field. 
  • Updated Silverpop templates in IdentitySync studio use newsletterField by default. 

February 18, 2018


  • Partner ID and API key added to the email notification sent after a job executes. 

January 2018

January 29, 2018


  • You can now use IdentitySync to copy accounts from one Gigya site to another. For more information, see IdentitySync.
  • New step metrics for advanced debugging and monitoring of dataflows that fail or take a long time to execute. For more information about monitoring dataflows, see IdentitySync.

January 24, 2018

  • Support for using Google’s reCAPTCHA v.2 in login screens. If you are using reCAPTCHA v.1, you should migrate to v.2 before March 31, 2018. For more information, see CAPTCHA.

  • Due to low adoption, we are sunsetting the iRank parameter. It will be returned so as not to break existing implementations, but the value will always be zero. The affected APIs are:

January 15, 2018


For more information on IdentitySync releases, see IdentitySync Change Log.

  • IdentitySync Studio can now be opened in full-screen mode. 
  • Status column added to the IdentitySync scheduler, displays a status of "busy" or "ready". 
  • Step parameters in IdentitySync Studio now include a link to the developer's guide, and tooltips on hover: 
  • New consent parameter added to to be used in implementations of Enterprise Preference Manager. Enables retrieving only users with a given consent status (valid, expired, or not granted).
  • New component, datasource.write.hybrismarketing, for writing user data directly to the SAP Hybris Marketing platform. For more information, see Hybris Marketing
  • New action and sync_fields parameters in datasource.write.silverpop support choosing the method for handling existing user data, and specifying a unique ID for rows in Silverpop. 
  • Bug fixes

January 9, 2018

Enterprise Preference Manager

Customer Consent is Gigya's offering for managing user privacy, preferences and consent in a way that is transparent to the user, while helping you uphold rigorous standards so as to support your compliance with international privacy regulations. 

  • Flexibly create site policies (terms of service, privacy policies and other consent statements) and manage their versions.
  • Manage communication preferences.
  • Consent is enforced as part of the site flows (required at registration, when a version changes, and in SSO groups where site policies differ), and in downstream applications using IdentitySync, Gigya's ETL platform.
  • Use Gigya's profile screens to create a preference center: Give users control over their personal data, display the policies to which they agreed, and allow them to manage their communication preferences.
  • Consent is recorded in a tamper-proof Consent Vault.

Account Audit Log

  • New user-friendly audit log that displays a timeline of events audited per a given account (UID).

UI Builder

  • New Privacy and Communication profile screens added to the Update Profile screen set, used to create a preference center for registered users.
  • New consent widget displays to users the name of the policy to which they agreed and the date they signed it.
  • You can now display the value of any field (e.g., profile.firstName) in a Gigya screen.

Social Provider Support

  • Gigya's Social Login now supports logging users in with Kakao and Naver, to better support market presence in Korea and other areas of Asia. 


November 14, 2017

November 14, 2017

  • The UID parameter was added to Email Accounts, enabling tracking the account progression (from Lite to full accounts) and a more consistent user experience.

    This parameter or feature is part of our Early Adopters Program. To find out if you are eligible for participation, contact your Customer Engagement Executive by filling out a support form. You can access the support page by clicking Support on the upper menu after logging into your Gigya Console

  • New subscriptionUpdated webhook is fired when the status of a subscription changes (subscribed / unsubscribed, or a change in the double opt-in status). 

    This parameter or feature is part of our Early Adopters Program. To find out if you are eligible for participation, contact your Customer Engagement Executive by filling out a support form. You can access the support page by clicking Support on the upper menu after logging into your Gigya Console

October 2017

October 31, 2017

  •  New Array Manager widget in the UI Builder enables adding dynamic arrays to Gigya screens that store complex objects, provides great flexibility in the type and quality of data you can request from your users. 

October 24, 2017

  • New home page of Gigya's Console includes the option to add up to 10 tags to each site, for locating your sites easily and quickly in multi-site installations. For more information, see Site Setup.
  • In the UI Builder, new Input Type property for Textbox controls, supports all HTML5 input types, and displays the relevant control (e.g. date selector) both on desktop and on the mobile keyboard.. 

October 18, 2017

  • Custom data fields can now be deleted via the Schema Editor

    This parameter or feature is part of our Early Adopters Program. To find out if you are eligible for participation, contact your Customer Engagement Executive by filling out a support form. You can access the support page by clicking Support on the upper menu after logging into your Gigya Console

  • In the Screen-Sets page of Gigya's Console, you can now see a metric that reflects registration conversion rates, i.e., what percentage of users who started a registration flow, completed it successfully. You can read our Registration Conversion Best Practices for tips and recommendations for raising conversion rates. 

    This parameter or feature is part of our Early Adopters Program. To find out if you are eligible for participation, contact your Customer Engagement Executive by filling out a support form. You can access the support page by clicking Support on the upper menu after logging into your Gigya Console

October 9, 2017

Data Field Deletion

  • You can now delete custom data fields from the accounts and Data Store databases, using an API call. 

    This parameter or feature is part of our Early Adopters Program. To find out if you are eligible for participation, contact your Customer Engagement Executive by filling out a support form. You can access the support page by clicking Support on the upper menu after logging into your Gigya Console

September 2017

Version 7.4 - Released on September 25, 2017

Scoped Data Access

  • You can now assign data permissions on the field-level to user groups.

    Scoped Data Access is a new feature and released under an Early Adopters program. If you would like to make use of this feature please contact your Customer Engagement Executive.

Subscription Management

  • Double Opt-In: You can now require your subscribers to confirm their subscription via email, to ensure compliance with anti-spamming policies and German and Canadian legal requirements, and provide users with a better experience. Supported for both full and lite registrations.

    Double Opt-In is a new feature and released under an Early Adopters program. If you would like to make use of this feature please contact your Customer Engagement Executive.

  • New accounts.importLiteAccount API for importing Lite Registrations and aubscriptions supports writing the value of the timestamp in the lastUpdatedSubscriptionState parameter, thus expanding support for various subscriber import requirements.

UI Builder

  • New  onBeforeValidation event is called after a user submits a form, and before Gigya's built-in field and form validations, for creating custom field validations.

Recently Released SDKs

Other Platform Enhancements

  • You can now create your own custom regex for validating fields in Gigya registration forms.
  • New ds.getTypes API for returning all the types defined in the DS schema, so that you can view the schema structure of your Data Store.
  • New accountLockedOut webhook event is fired when an account is locked out as a result of login attempts that were labelled as risky by RBA.


August 2017

August 14, 2017

Schema Editor

August 9, 2017

Invisible ReCAPTCHA 

  • Support for including an Invisible reCAPTCHA widget in registration screens. For more information, see CAPTCHA

July 2017

July 12, 2017

Configuration Copy Tool

June 2017

June 28, 2017

Screen-Set Version Control 

  • New panel for managing screen-set versions, including user and timestamp for each change. This allows greater auditing capabilities, and the option to rollback changes by reverting old versions, and/or opening them for editing.

Screen-Sets on Child-Site Level 

  • Within a site group, you can now create separate screen-sets for child sites, independent of the parent site. This allows agencies and third parties to manage screen-sets for a child site without requiring access to the parent site.

Version 7.3 - Released on June 26, 2017

Lite Registration

Lite Registration enables your customers to sign up in a passwordless flow to subscribe to newsletters, or to receive added value (such as voting, unlocking content, contest participation, etc.) without completing a full registration flow. 

  • A new LiteRegistration screen-set is created and can be edited in the UI Builder whenever adding a new screen-set collection. 
  • New isLite parameter added to accounts.initRegistrationfor indicating that a newly created account is a Lite Account. This returns a dedicated regToken, that can then be passed to accounts.setAccountInfo to create a Lite Account.
  • New isLite parameter added to accounts.setAccountInfo for admins to use when importing lite accounts.

Subscription & Preference Management

  • New Subscription object for capturing and managing newsletter subscription information.
  • New subscriptions parameter added to accounts.setAccountInfo for passing the subscription object.
  • New subscriptions option for the include parameter added to accounts.getAccountInfo for retrieving the user’s subscription status.
  • Added support in accounts.setSchema and accounts.getSchema APIs for setting and getting subscription data.
  • Subscriptions data updates both full accounts, and Email Accounts (see below).

Email Accounts

  • A new entity, Email Accounts, merges identity information from Lite and Full (registered) accounts, as well as subscription data, using an email address as the identifier.
  • New view toggle added to Identity Access, to toggle between a UID-based view, and a (new) email-based view.
  • You can now use to retrieve email account information, including Profile, Data and Subscription objects.
  • Includes indication of the type of accounts associated with the user, with the Boolean fields hasFullAccount and hasLiteAccount.

UI Builder Localization 

  • You can now localize your screen-sets via the UI Builder. The new localization canvas is a centralized system for managing all your localizations, and includes support for up to 44 locales, with 15 full locale translations provided out-of-the-box by Gigya.uiBuilderLocalization.png  

Schema Editor  

  • Gigya's Schema Editor allows you to interactively edit your site's schema via the Gigya Console.


New onSubmit Event

  • New onSubmit event fired when users submit a Gigya screen (after onBeforeSubmit and before onAfterSubmit). The new event allows you to modify data before it’s submitted to Gigya’s servers, enabling asynchronous handling of your data.


May 2017

May 22, 2017

Android SDK

  • Bug fixes

May 17, 2017


April 2017

April 30, 2017

UI Builder

  • Localization canvas for managing translations of a given screen-set. This enables one screen-set to support multiple languages, rather than creating individual screen-sets per target language. 

Version 7.2 - Released on April 05, 2017

SSO Segments

Global Configuration in the Console

  • Global Configuration can now be created, saved and edited within Gigya's Console, and includes built-in mobile support.

Javascript Editor in UI Builder

  • New JavaScript editor within the UI Builder allows you to set event handlers, define custom buttons and more, for a specific screen-set. Includes built-in mobile support.


  • Added Subscriptions option for facilitating newsletter sign-up when mapping fields in the UI Builder
  • New accounts.unsubscribe API for unsubscribing users from newsletters. 

Miscellaneous Changes

  • It is now possible to override master configurations in child sites regarding CAPTCHA requirement for new registrations. 
  • You can now update comment sender data after a comment has been posted, allowing you to preserve sender information (such as photos) when migrating between servers.
  • Added support for sharing images to VKontakte.
  • The OpenId Connect Relying Party (OIDC RP) redirectUri has been changed.
  • The socialize.exportUsers API is being deprecated. For more information, see Changes That May Require Your Action.

Version 7.1 - Released on February 06, 2017

JSON Web Token (JWT) Support

Risk Based Authentication (RBA)

  • New Console UI to simplify RBA configuration
  • Network Protected Identity (NPI): a new feature of Risk Based Authentication (RBA) which leverages data gathered on suspicious login attempts from Gigya's ~1 billion users to increase security.  

OpenID Connect (OIDC)


UI Builder

  • Changed dialog when making changes that cause a schema update, now shows details of the change in JSON format, so as to update existing screen-sets with greater ease. 
  • New image control for adding an image to any screen. 

Web Content Accessibility Guidelines (WCAG)

  • Enhancements to support WCAG compliance, e.g., looped tabbing within a Gigya screen for better keyboard control, added screen-reader support.

Miscellaneous Changes

  • Updates to icons in the Share Bar based on latest branding guidelines from social networks, including Facebook, Google Plus, Linkedin, Twitter, and Microsoft.

  • Identity Access default search now also includes the username, in addition to the email, UID and first or last names.

Unable to render {include} The included page could not be found.

Legacy Changes

Version 6.5 - Released on November 14, 2016

UI Builder Improvements

  • New customizable Password Reset screen added to default screen-sets. 
  • Ability to store multiple items in array fields.
  • New Admin permission added to allow users to make UI changes to screen-sets without modifying the site schema. 
  • Set fields as 'required' in a given screen, without making them 'required' in the site schema.
  • New 'Metadata' control. Enables storing metadata from within a screen (e.g., version number of terms of use, date and time of acceptance), without exposing that data to the end user.
  • Ability to clone, add, delete and reorder screens within a screen-set, for a more flexible user experience and the option to customize flows within the UI Builder.
  • Exposed in the UI Builder the screen-id, auto-skip and data-on-success screen attributes. 
  • Set a default value for checkbox controls, such as to check them by default to increase subscription rates. 


  • Can now return the following additional fields to the SP:
    • profile.address

    • profile.state

    • profile.thumbnailURL

    • profile.photoURL

    • profile.URL

    • account.isVerified

RaaS - Site Groups

  • Ability to override the automated email policy for child sites. This allows for greater flexibility when sending brand-specific emails from your existing marketing system.

Version 6.4 - Released on September 26, 2016

UI Builder Improvements

Webhooks Improvements

  • Ability to define multiple webhooks per site.

  • Ability to mute webhooks when calling accounts.setAccountInfo via REST.

General Improvements

  • Social login now supports keyboard navigation.

  • Share Bar now supports configuring popup size and positioning.

Deprecation of Legacy Identity Providers

  • Kaixin, VZNet, TypePad, Verisign, LiveJournal, MySpace, Skyrock, Digg, OpenID and Signon have been deprecated.

Miscellaneous Changes

  • You can no longer use an email address with a single character top-level domain (e.g., test@gigya.c). Using one will result in error code 400006.

  • Usernames limited to 500 characters maximum.

  • Password length limited to 100 characters.


Version 6.3 - Released on June 07, 2016

Audit log improvements

  • Added time field to Date/Time filters.
  • Added country field to the expanded information panel.
  • Added flags for Malaysia, Argentina, Hong Kong, Taiwan and Greece.

Share Bar

  • Support for the new Pinterest PinIt button.

Customer Insights

  • Favorite Books added to the Interests tab in CI.


  • Added support for multiple custom buttons in the plugin. You can now add multiple custom SAML IdPs, with your site as the SP.
  • Support for the new Instagram icon.


  • Support for the new Instagram icon.


  • Improved keyboard navigation in screen-sets.

Console access improvements

  • Improved support for Italian landlines.


Version 6.2 - Released on March 28, 2016

Comments / Ratings and Reviews plugin

  • The Comments and Ratings and Reviews plugins now use version 2 by default.
  • To use version 1 (not recommended), pass the version parameter with a value of 1.

CAPTCHA now required for all shares via email

  • CAPTCHA is now activated automatically for all email shares.

Deprecated support for IE8

UI Builder

  • The list of check-boxes control has been removed from the UI Builder. This does not affect implementations that currently use this control.


  • When passing an object where an array is expected, error code 400006 is now thrown instead of 500028.

Miscellaneous bug fixes

  • Fixed Italian translation encoding bug.
  • Fixed translation in Dutch.
  • Fixed bug where TFA screen didn’t close under certain circumstances after registration completion.
  • Fixed bug with SSO after logout.
  • Fixed bug with errors thrown when multiple Follow Bars loaded on the same page.

Version 5.8 - Released on October 26, 2015

Line as a Login Provider

Major Improvements to RaaS

For version 5.8, RaaS has undergone a major redesign - both the UI and behind-the-scenes functionality. It has been overhauled visually and has been made fully responsive. In addition, improvements have been made to the UI Builder and new widgets have been added. Here are some of the more prominent changes:

  • Screen-sets have been updated to a more modern look and feel. For more information, see UI Builder.
  • Screen-sets are now fully responsive.
  • Improved preview mode in the UI Builder allows you to simulate screen-sets as they're displayed on various devices and screen sizes.
  • New support for conditional attributes in screen-sets enables you to fine tune your screens on smaller devices.
  • New "Login ID" control added to the UI Builder.
  • New "My Photo" widget added to the UI Builder. With a single widget, users can upload/view their profile photo or change their existing photo. When used on a mobile device, users can upload a photo directly from the device camera. For more information, see Markup Extensions.
  • Improved functionality in default screen-sets:
    • Instant validation of user input, including "user ID" availability. 
    • "Keep me logged in” remembers the user’s login state, so they don’t have to log back in every time they return to the site.

    • An ability to close any Gigya screen and get back to the originating site.
    • Password strength indicators are now available on mobile.

Visual Styles for Add-ons Updated

  • CSS for the Social Login, Add Connections and Edit Connections add-ons have been updated to match the style of the new RaaS screen-sets.


  • The concept of Temporary Users, deprecated for some time, will no longer be supported. For more information, see Changes That May Require Your Action.
  • Miscellaneous bug fixes and performance enhancements.
  • is now prioritized when resetting passwords via Identity Access.

Version 5.7.5 - Released on September 01, 2015

Optional two-factor authentication (TFA) on a per-user basis

  • Site admins can now selectively enable/disable TFA on a per-user basis (for example if a certain type of user requires more elevated security than another).
  • If TFA isn’t mandated for all users, then users can choose to independently activate it, as an additional security measure.

New placeholders available for RaaS email templates

  • Additional user profile fields will now be available as placeholders for email templates: nickname, username, name, birthDay, birthMonth, birthYear, age, UID, email, gender, city, state, country, zip, photoURL, thumbnailURL and profileURL.

PayPal as an OAuth2 Provider

  • “paypaloauth” will be added as a new login provider, enabling you to create new Paypal applications directly, simplifying the onboarding process.
  • OAuth login will provide better permissions control, allowing you to define which permissions to request rather than have Gigya set a default list on your behalf.

Version 5.7 - Released on July 20, 2015



General Improvements

  • Fixed issue with 'Welcome' emails sent to imported users. 
  • Importing social users now also imports social data.
  • Miscellaneous bug fixes and performance enhancements.


Version 5.6 - Released on June 16, 2015


  • GCS, formerly deprecated, is no longer supported.

Social Login

Follow Bar Plugin

General Changes

  • Interests and Activities endpoints have been deprecated by Facebook and will no longer be returned. In addition, you will no longer be able request those permissions from your users. For more information, see
  • Various localization bugs have been fixed in the Czech, German, Hungarian and Taiwan-Chinese languages.


Version 5.5 - Released on May 18, 2015



Social Login



  • Comment replies are kept even if the parent comment is deleted.


Site Groups and SSO


General Improvements

Version 5.4 - Released on March 23, 2015


  • Users can now be logged in by clicking the email verification link.

Social Login

  • Optimized the Social Login plugin for mobile and other touch screen devices.


Site Groups and SSO

  • Added support for SSO on iOS devices where 3rd party cookies are blocked for non-visited domains on the browser.
  • 'Welcome', 'Password reset' and 'Account deleted' automated emails are now configurable at a child-site level.


  • The Facebook option in the Share Bar plugin and Simple Share pop-up will now display the 'share' dialog by default. 


  • Added a new 'Users by Level' report which displays users' GM data by levels within a challenge. 

Customer Insights

  • Exports from CI Plus and CI Plus queries opened in the Identity Query Tool now support queries that contain Signals (i.e. activity filters).

Chat Plugin

General Improvements

  • Added new group privilege - 'Full API Access'.
    • When checked, any user assigned to the group has full API access using their individual user key/user secret.
  • Added support for localization in Bulgarian, Slovak, Serbian and Croatian.
  • Login responses now include a 'new user' indication.
  • Added support for hashing passwords with the pbkdf2-sha256 algorithm.


Bug Fixes

  • Date formats returned from the server are now standardized to ISO 8601 in the following format:

Version 5.3 - Released on February 17, 2015


  • Gigya can now be used as a SAML IdP

    • partners can use Gigya’s Idp service to federate identities across sites that do not share a users database.

  • Improved login behavior for users who log in to Gigya via SAML with Gigya as SP

    • Partners can now set an initial permission group for users when permissions are managed at the Gigya console including a ‘No Permissions’ group


Markup Extensions



  • "Most Shared" and "Most Referred" reports now show the original canonical shared URL, and include the title of the shared page.

Customer Insights

  • Added a basic version of CI with Demographic data for all RaaS and Identity Storage customers

  • CI's Profile and Top Likes sections now support pagination to display more results.

  • Improved ‘Quick Filters’ functionality (previously ‘Filter Shortcuts’).

  • Added ability to view and copy queries from CI.

  • Improved ‘More Options’ layout.

  • The "Top Content" data pane in CI only displays pages that were explicitly registered through the "Signals" page in the Admin Console or via API.


  • Added a new dashboard in the Admin Console to support NEXUS integrations, so that activation for integrations can be requested through the Gigya Console in a ‘self serve’ manner.


Social Login

  • Added support for ‘WeChat’ as a new login provider.

  • Clients can upgrade to version 2 of the login plugin via the UI builder.

Chat Plugin

  • Updated list of available login providers

  • Added ability to delete a single chat entry



  • Users can now edit their comments after posting

  • Email address is prefilled in the ‘follow my comments’ subscription textbox.

  • Some UX improvements

  • Anonymous (logged out) users who wish to share their comments will be prompted to login automatically


General Improvements

  • Added support for PHP Symfony 2 password hashing algorithm

  • 3rd party plugins can now validate login signatures for users logging in through Gigya

  • Improved support for migrating user data between sites or from other social login providers

    • Ability to import complete user social information

  • Social login popup now closes automatically when login fails due to inactive account.

  • search’ APIs now accept a timeout parameter

  • updateComment response now returns a comment object

  • Added new data types to the Data store / accounts databases.

  • Improved ‘import settings’ time on Game Mechanics.

  • All API responses now include a ‘Time’ field.


Bug Fixes

  • Fixed RenRen support for sharing via mobile

Unable to render {include} The included page could not be found.