Gigya Job Openings

accounts.getPolicies REST

Skip to end of metadata
Go to start of metadata

This method retrieves account policies. Please refer to the accounts.setPolicies method parameters for a detailed specification of the policies.

Single-Sign-On Considerations

When using accounts.getPolicies within a Single-Sign-On (SSO) environment, the method will return all policies that are set at the Master level and not overridden by the specific Member site being queried, as well as all policies of the Member that are currently overriding the Master.

 

Note: If you plan on integrating Gigya's Accounts API, we highly recommend reading the Registration-as-a-Service Guide. Registration-as-a-Service (RaaS) is a premium platform that requires separate activation. If RaaS is not part of your site package, please contact Gigya by filling in a support form through the Console. You can access the support page by clicking Support on the upper menu after logging into the Gigya Console.



Request URL

Where <Data_Center> is:
  • us1.gigya.com - For the US data center.
  • eu1.gigya.com - For the European data center.
  • au1.gigya.com - For the Australian data center.
  • ru1.gigya.com - For the Russian data center.
  • cn1.gigya-api.cn - For the Chinese data center.

If you are not sure of your site's data center, see Finding Your Data Center.

 

Authorization Parameters

Each REST API request must contain identification and authorization parameters.

Some REST APIs may function without these authorization parameters, however, when that occurs, these calls are treated as client-side calls and all client-side rate limits will apply. In order to not reach client-side IP rate limits that may impact your implementation when using server-to-server REST calls, it is Recommended Best Practice to always sign the request or use a secret. A non-exhaustive list of REST APIs that this may apply to are as follows:

  • accounts.login
  • socialize.login
  • accounts.notifyLogin
  • socialize.notifyLogin
  • accounts.finalizeRegistration
  • accounts.linkAccounts

Please refer to the Authorization Parameters section for details. 

 

Parameters

RequiredNameTypeDescription
sectionsstringA comma-separated list specifying which sections of the policies to include in the response. The available policies are:
  • registration
  • gigyaPlugins
  • accountOptions
  • passwordComplexity
  • emailVerification
  • emailNotifications
  • passwordReset
  • profilePhoto
  • security
  • twoFactorAuth
  • federation

Note: Non-privileged requests (not signed with the partner secret key) may only request the following policies: registrationgigyaPlugins and passwordComplexity.

filterstringSpecifies what policies to include, can be one of the following options: 
  • full (default) - include the effective policy, including all Gigya defaults and inherited (for member sites in a group) policies.
  • explicitOnly - include only policies that are explicitly defined by the site.
format string Determines the format of the response. The options are:
  • json (default)
  • jsonp - if the format is jsonp then you are required to define a callback method (see parameter below).
callback string This parameter is required only when the format parameter is set to jsonp (see above). In such cases this parameter should define the name of the callback method to be called in the response, along with the jsonp response data.
context string/JSON This parameter may be used to pass data through the current method and return it, unchanged, within the response.
dontHandleScreenSet Boolean This parameter may be used in order to suppress the showing of screen-sets as a result of API calls. Default is false.
httpStatusCodes Boolean The default value of this parameter is false, which means that the HTTP status code in Gigya's response is always 200 (OK), even if an error occurs. The error code and message is given within the response data (see below). If this parameter is set to true, the HTTP status code in Gigya's response would reflect an error, if one occurred.

Sample Requests

 

Response Data

FieldTypeDescription
 
errorCode integer The result code of the operation. Code '0' indicates success, any other number indicates failure. For a complete list of error codes, see the Error Codes table.
errorMessage string A short textual description of an error, associated with the errorCode, for logging purposes. This field will appear in the response only in case of an error.
errorDetails string This field will appear in the response only in case of an error and will contain the exception info, if available.
fullEventName string The full name of the event that triggered the response. This is an internally used parameter that is not always returned and should not be relied upon by your implementation.
callId string Unique identifier of the transaction, for debugging purposes.
time string The time of the response represented in ISO 8601 format, i.e., yyyy-mm-dd-Thh:MM:ss.SSSZ or
statusCode integer The HTTP response code of the operation. Code '200' indicates success.
This property is deprecated and only returned for backward compatibility.
statusReason string A brief explanation of the status code.
This property is deprecated and only returned for backward compatibility.

 

registrationJSON objectThe registration policy.
gigyaPluginsJSON objectThe Gigya plugins policy.
accountOptionsJSON objectThe account options policy.
passwordComplexityJSON objectThe password complexity policy.
emailVerificationJSON objectThe email verification policy.
passwordResetJSON objectThe password reset policy.
profilePhotoJSON objectThe profile photo policy.
securityJSON objectThe security policy.
twoFactorAuthJSON objectThe two-factor authentication policy.
federationJSON objectThe federation policy. 

A field that does not contain data will not appear in the response.

 

Response Example

{
  "registration": {
    "requireCaptcha": false,
    "requireSecurityQuestion": false,
    "requireLoginID": false,
    "enforceCoppa": false
  },
  "gigyaPlugins": {
    "connectWithoutLoginBehavior": "loginExistingUser",
    "defaultRegScreenSet": "Default-RegistrationLogin",
    "defaultMobileRegScreenSet": "Default-RegistrationLogin",
    "sessionExpiration": 0,
    "rememberSessionExpiration": 604800
  },
  "accountOptions": {
    "verifyEmail": false,
    "verifyProviderEmail": false,
    "allowUnverifiedLogin": false,
    "preventLoginIDHarvesting": false,
    "sendWelcomeEmail": false,
    "sendAccountDeletedEmail": false,
    "defaultLanguage": "en",
    "loginIdentifierConflict": "failOnAnyConflictingIdentity",
    "loginIdentifiers": "email, providerEmail"
  },
  "passwordComplexity": {
    "minCharGroups": 2,
    "minLength": 6
  },
  "security": {
    "accountLockout": {
      "failedLoginThreshold": 0,
      "lockoutTimeSec": 0,
      "failedLoginResetSec": 0
    },
    "captcha": {
      "failedLoginThreshold": 10
    },
    "ipLockout": {
      "hourlyFailedLoginThreshold": 20,
      "lockoutTimeSec": 800
    },
    "passwordChangeInterval": 0,
    "passwordHistorySize": 0
  },
  "emailVerification": {
    "nextURL": "http://accounts.gigya.com/GS/VerifyEmail.aspx",
    "verificationEmailExpiration": 86400,
    "autoLogin": true,
    "nextURLMapping": [],
    "defaultLanguage": "en",
    "emailTemplates": {
      "en": "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n    <head>\n\t\t<META name=\"from\"    content=\"Name <noreply@YOUR-SITE.com>\" />\n\t\t<META name=\"subject\" content=\"Account Activation\" />\n    </head>\n    <body style=\"font-family: Arial; font-size: 13px; line-height: 16px;\">\n        <div style=\"background: url('https://cdns.gigya.com/site/images/email/background.png') repeat-x; width: 720px; padding:13px 0; margin:0 auto;\">\n            <div style=\"background: #fff; border-radius: 3px; margin: 0 auto; width: 693px; \">\n                <div style=\"padding:30px 30px 29px;margin: 0px auto;\">\n\t\t            <p>Hello <b>$firstName $lastName</b>,</p>\n\t\t            <p>Please click this link to activate your account:</p>\n                    <p><a href=\"$emailVerificationLink\">Activate link</a></p>\n                </div>\n            </div>\n        </div>\n    </body>\n</html>\n\n\n"
    }
  },
  "passwordReset": {
    "requireSecurityCheck": false,
    "resetURL": "https://demo.gigya.com/passwordResetPage.php",
    "tokenExpiration": 3600,
    "sendConfirmationEmail": false,
    "defaultLanguage": "en",
    "emailTemplates": {
      "en": "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n    <head>\n\t\t<META name=\"from\" content=\"Name <noreply@YOUR-SITE.com>\" />\n\t\t<META name=\"subject\" content=\"Password Reset\" />\n    </head>\n    <body style=\"font-family: Arial; font-size: 13px; line-height: 16px;\">\n        <div style=\"background: url('https://cdns.gigya.com/site/images/email/background.png') repeat-x; width: 720px; padding:13px 0; margin:0 auto;\">\n            <div style=\"background: #fff; border-radius: 3px; margin: 0 auto; width: 693px; \">\n                <div style=\"padding:30px 30px 29px;margin: 0px auto;\">\n\t\t            <p>Hello <b>$firstName $lastName</b>,</p>\n\t\t            <p>Please click the link to reset your password:</p>\n                    <p><a href=\"$pwResetLink\">Reset link</a></p>\n                </div>\n            </div>\n        </div>\n    </body>\n</html>\n\n\n"
    }
  },
  "profilePhoto": {
    "thumbnailWidth": 64,
    "thumbnailHeight": 64
  },
  "federation": {
    "allowMultipleIdentities": true
  },
  "twoFactorAuth": {
    "providers": [
      {
        "name": "gigyaPhone",
        "enabled": true
      }
    ],
    "emailProvider": {
      "defaultLanguage": "en",
      "emailTemplates": {
        "en": "<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n    <head>\r\n\t\t<META name=\"from\" content=\"Name <noreply@YOUR-SITE.com>\" />\r\n\t\t<META name=\"subject\" content=\"Email Code Verification\" />\r\n\t\t<link rel=\"stylesheet\" type=\"text/css\" href=\"//fonts.googleapis.com/css?family=Open+Sans\" />\r\n    </head>\r\n    <body style=\"font-family: Open Sans; font-size: 13px; line-height: 16px;\">\r\n        <div style=\"background: url('https://cdns.gigya.com/site/images/email/background.png') repeat-x; width: 720px; padding:13px 0; margin:0 auto;\">\r\n            <div style=\"background: #fff; border-radius: 3px; margin: 0 auto; width: 693px; \">\r\n                <div style=\"padding:30px 30px 29px;margin: 0px auto;\">\r\n\t\t            <p>Hello <b>$firstName $lastName</b>,</p>\r\n\t\t\t\t\t<p>Please use the following code to verify your account:</p>\r\n\t\t            <p style=\"color: #1F5797; font-size: 26px;\">$verificationCode</p>\r\n\t\t\t\t\t<p>This email was sent to you since there was an attempt to access your account.\r\n\t\t\t\t\tThe login attempt was made using $deviceName, from: $countryName ($ipAddress).\r\n\t\t\t\t\tIf you have not tried to access your account, please consider changing your password as soon as possible.</p>\r\n\t\t\t\t\t<p>If you have any questions or comments, contact us at <a href=\"mailto:yoursupportaddress@sitedomain.com\">yoursupportaddress@sitedomain.com</a>.</p>\r\n\t\t\t\t\t<p> <b>- The <a href=\"http://yoursitename.com\">yoursitename.com</a> team</b></p>\r\n                </div>\r\n            </div>\r\n        </div>\r\n    </body>\r\n</html>"
      }
    }
  },
  "statusCode": 200,
  "errorCode": 0,
  "statusReason": "OK",
  "callId": "75c4503c36864fe88797bcd38b44a108",
  "time": "2017-03-05T11:19:34.153Z"
}