Gigya Job Openings

accounts.register JS

Skip to end of metadata
Go to start of metadata


This method registers a new user at your site, in accordance with the predefined site Policies and the Schema of the Accounts Storage. On-site registration requires three API calls: 1. accounts.initRegistration, 2. accounts.register and 3. accounts.finalizeRegistrationIf the finalizeRegistration parameter of accounts.register is set to 'true' then there is no need to call accounts.finalizeRegistration. 

A regToken (registration token), generated by accounts.initRegistration, is required when using this method.

For registration through a social network, see accounts.socialLogin.


Note: If you plan on integrating Gigya's Accounts API, we highly recommend reading the Registration-as-a-Service Guide. Registration-as-a-Service (RaaS) is a premium platform that requires separate activation. If RaaS is not part of your site package, please contact Gigya by filling in a support form through the Console. You can access the support page by clicking Support on the upper menu after logging into the Gigya Console.

This method is also supported in our REST API. It is highly recommended when possible, for security reasons, to execute this method from your server, so please refer to REST API > accounts.register






The following table lists the available parameters:


A string that the user enters to identify his account. 

* You are required to pass only one of the parameters either username or email, depending on the specification of the site's Login Identifier policy.

email string

The user's email address. 

* You are required to pass only one of the parameters either username or email, depending on the specification of the site's Login Identifier policy. If the emailVerification policy is enabled, an email is always required during registration, regardless of the defined login identifier.


passwordstringThe user's password. Gigya validates that the password meets the complexity requirements defined in the site's Password Strength policy.
regTokenstringThe regToken that was returned by accounts.initRegistration or the regToken returned by accounts.login if the user tried to login before the registration process is finalized. The regToken expires one hour after it is produced.
profileProfile objectThe user's profile information. The object may include site's custom fields in addition to reserved field names (as defined in the Profile object). Fields that are defined as required in the Schema, are required by this method. If not passed, the method will return a "pending registration" error and a new regToken
dataJSON objectCustom data. The purpose of this object is storing any custom data associated to the user, but which is not part of the Profile object. Gigya validates that the data fields meet the requirements that are defined in the Schema.
finalizeRegistrationBooleanIf set to 'true', this API call will also finalize the registration process for the user, and the user will appear as a 'New registered user' in the user reports.
If there are missing fields, the registration will remain pending. The default value is 'false'. 
captchaTokenstringThe CAPTCHA challenge. This parameter is required if specified so in the site's CAPTCHA policy.
captchaTextstringThe CAPTCHA text typed by the userThis parameter is required if specified so in the site's CAPTCHA policy.
secretQuestionstringThe secret question that can be used for verification. This parameter is required if specified so in the site's requireSecurityQuestion Policy.
secretAnswerstringThe answer to the secret question. This parameter is required if specified so in the site's requireSecurityQuestion Policy.
langstringThe language to use in error messages and validation emails. See also Email Templates. The language specified here is stored in the locale field of the site identity. If in the emailVerification policy the emailTemplates include a template in the specified language, the verification email sent to the user will be in this language. The same goes for the passwordReset policy.
targetEnvstringThis parameter defines your client side environment, which in return determines the server response data fields. The default value of this parameter is "browser", which means that by default you receive cookie-related data in the response. 
If your client runs on mobile:
If you are calling this method using a Mobile SDK since version 2.15.6, this parameter is automatically set to "mobile" (there is no need to set it manually). In any other case, you should set this parameter to be "mobile". 
As a result of setting the parameter to "mobile" the server response data fields will include: sessionToken and sessionSecret (instead of cookie related data). In such case, you should send the sessionToken and sessionSecret to your mobile client. On your client side, call GSAPI.setSession (using the Mobile SDK) to save them in the app's storage.
includestringA comma-separated list of fields to include in the response. The possible values are: identities-active, identities-allloginIDsemailsprofiledata, password and irank. The default is profile so if this parameter is not used, the response will return only the Profile object.
sessionExpirationintegerThis parameter defines the time in seconds that Gigya should keep the login session valid for the user. To end the session when the browser closes, please assign the value '0'. If this parameter is not specified, the session is valid forever.
Note: the value of this parameter overrides the value of the identical parameter in the Global Configuration.
siteUIDstringYou may specify the UID to use with this account. if not specified it is auto-generated.
Note: This parameter accepts a maximum of 252 ASCII characters (Unicode is not supported).

Records the source of the registration. The default value is the URL of the current page but it can be any string value. regSource is stored in the account and can be used by verification emails to determine which page should be opened (see accounts.set Policies). Can also be set via the Global Conf object.

format string Determines the format of the response. The options are:
  • json (default)
  • jsonp - if the format is jsonp then you are required to define a callback method (see parameter below).
callback string This parameter is required only when the format parameter is set to jsonp (see above). In such cases this parameter should define the name of the callback method to be called in the response, along with the jsonp response data.
context string/JSON This parameter may be used to pass data through the current method and return it, unchanged, within the response.
dontHandleScreenSet Boolean This parameter may be used in order to suppress the showing of screen-sets as a result of API calls. Default is false.
httpStatusCodes Boolean The default value of this parameter is false, which means that the HTTP status code in Gigya's response is always 200 (OK), even if an error occurs. The error code and message is given within the response data (see below). If this parameter is set to true, the HTTP status code in Gigya's response would reflect an error, if one occurred.

Code Sample

<script type="text/javascript">
// initRegToken holds the regToken returned by accounts.initRegistration
var initRegToken = <token_returned_by_initRegistration>;

// Set up the parameters required for accounts.register 
var regParams = {
email: "",
password: "aVeryComplexPassw0rd!",
regToken: initRegToken,
finalizeRegistration: true



Gigya defines specific error codes and messages that are used with the Accounts API. These errors are returned with the APIs, indicating that some information is incorrect or missing. 

This section describes the errors that are related to this API, the reasons for each error, and the expected next step.

  • Account pending registration (error code 206001) - returned when you call a method that performs social login, such as this method, and the registration process has not been finalized, or the schema defines fields as required and one or more of these fields are missing from the user Profile or data. The expected next step is: if the schema defines fields that are required and one or more of these fields are missing from the user profile or data, call accounts.setAccountInfo. If the registration process has not been finalized, call accounts.finalizeRegistration.
  • CAPTCHA verification failed (error code 400021) - returned when the registration policy states that requireCaptcha is "true", and the CAPTCHA verification fails when a user tries to register.
  • Login identifier exists (error code 403043) - returned when email is defined as the loginIdentifier in the accountOptions policy, and the email address received from the provider exists in the system but is associated with a different user. The expected next step: call accounts.linkAccounts to merge between the account identified by the provided UID and the account identified by the provided login credentials (loginID + password).
  • Validation errors - the validationErrors object is an array of validation errors; each validation error is made up of an errorCode, a message, and a fieldName. The errorCode and message specify what error occured and the fieldName specifies which field had a validation error. When an invalid field type is used, i.e. a string instead of an integer, or if a wrong format is used, i.e. an email address that is not in a correct format, an "Invalid parameter value" error is returned (error code 400006). A validation error is returned whenever there is a data validation error regarding one of the following required fields: username, password, securityQuestion, secretAnswer, email. The expected next step is: call the API method again with the missing info.