SAP Customer Data Cloud Positions

socialize.setUID JS

Skip to end of metadata
Go to start of metadata



This method replaces the Gigya UID in the user account on Gigya's DB, with a site user ID that you provide. This method should be used in case a user ID has changed. 


  1. This method is not part of our recommended social registration flow. Please use the socialize.notifyRegistration method instead, and pass the "siteUID" parameter. Learn more in the Login Best Practice Implementation guide.
  2. This method replaces the deprecated socialize.linkAccounts method.


Note: This method is also supported in our REST API. If you wish to execute this method from your server, please refer to

REST API > socialize.setUID.

Security Requirements

The Gigya service supports a mechanism to verify the authenticity of the setUID call. This mechanism is used to prove that the call is in fact coming from your site, in order to prevent fraud.

We require every setUID call to be signed using a HMAC-SHA1 signature. The "UIDSig" parameter (see table of parameters below) is defined for this objective, and is a required parameter. Gigya will verify the authenticity of the signature to prove that it is in fact coming from your site and not from somewhere else.

Follow the instructions in Constructing a Signature to set the UIDSig parameter of the setUID call, and make the API call as soon as possible after that to prevent the signature from expiring.






The following table lists the available parameters:

siteUIDstringThe user ID which you have designated to the current user on your user management system. This site UID must be different than the Gigya ID.
Note: the parameter accepts only ASCII characters (not unicode) and up to 252 characters.
UIDTimestampstringThe current GMT time when request is made. The expected format is the Unix time format (i.e. the number of seconds since Jan. 1st 1970). Gigya will check the time difference between the timestamp and the time on Gigya's server when the setUID request is received. If the time difference is more than 5 minutes, the request is considered forged.
UIDSigstringA HMAC-SHA1 signature proving the authenticity of the data. See the "Security Requirements" above for more details.
A reference to a callback function. Gigya calls the specified function along with the results of the API method when the API method completes.
The callback function should be defined with the following signature: functionName(Response).
The "Response Object Data Members" table below provides specification of the data that is passed to the callback function.
A string of maximum 100 characters length. The CID sets categories for transactions that can be used later for filtering reports generated by Gigya in the "Context ID" combo box. The CID allows you to associate the report information with your own internal data. For example, to identify a specific widget or page on your site/application. You should not define more than 100 different context IDs.

Note: This parameter overrides the value of the identical parameter in Global Conf (the global configuration object). If the parameter is not set for the method, the value from Global Conf is used.

A developer-created object that is passed back unchanged to the application as one of the fields in the response object.
timestampstringDeprecated. Please use the UIDTimestamp parameter instead.
signaturestringDeprecated. Please use the UIDSig parameter instead.

Response Object Data Members

errorCode integer The result code of the operation. Code '0' indicates success, any other number indicates failure. For a complete list of error codes, see the Response Codes and Errors table.
errorMessage string A short textual description of an error associated with the errorCode for logging purposes.
callId string Unique identifier of the transaction, for debugging purposes.
context object The context object passed by the application as a parameter to the API method, or null if no context object has been passed.


Code Sample


Note:  Although this code sample calculates the signature client-side, the best practice is getting the signature from the server, and not generating it in the client. Follow the instructions in Constructing a Signature.

// Note: the actual signature calculation implementation should be on server side
function createSignature(UID, timestamp) {
       return '';

var dateStr = Math.round(new Date().getTime()/1000.0);  // Current time in Unix format 
                                                         // (i.e., the number of seconds since Jan. 1st 1970)
var siteUID= 'uTtCGqDTEtcZMGL08w';  // siteUID should be taken from the new user record
                                                                      // you have stored in your DB in the previous step
var yourSig = createSignature(siteUID, dateStr);

var params = {
    siteUID: siteUID,



  • This sample is not meant to be fully functional code. For brevity's sake, only the code required for demonstrating the API call itself is presented.
  • To run the code on your own domain, add your Gigya API key to the gigya.js URL. A Gigya API key can be obtained on the Site Dashboard page on Gigya's website. Please make sure that the domain from which you are loading the page is the same domain name that you used for generating the API key.
  • In some cases it is necessary to connect/login the user to a provider ? prior to calling the API method. You can learn more in the Social Login guide.