SAP Customer Data Cloud (formerly Gigya)

SAP Customer Data Cloud (Gigya) Integration Guide

Overview

This guide explains how to connect Bridged with SAP Customer Data Cloud (formerly Gigya) to read customer identity data, profiles, consents, and account activities. The integration supports reading this data for activation, qualification, and nurture playbooks where customer identity and preferences are needed.

SAP Customer Data Cloud is a Customer Identity and Access Management (CIAM) platform that supports social logins, consent management, subscription preferences, and profile management. It provides both REST APIs and OIDC/OAuth 2.0 standards for integration.

Primary Use Case: Read User Data

For Bridged's identity and registration integrations, the primary use case is reading user-related data, including:

Data Type	Use in Bridged
User profiles	Personalize outreach and qualification conversations
Consent and subscription preferences	Respect communication preferences for activation campaigns
Account activities	Track registration, login, and lockout events for lead scoring
Group/Organization data	B2B account and role context for qualification

Prerequisites

Before starting, ensure you have:

An SAP Customer Data Cloud account with admin access
Your API Key (site identifier)
Your Data Center (e.g., us1.gigya.com, eu1.gigya.com, eu2.gigya.com, au1.gigya.com, cn1.sapcdm.cn, or global.gigya.com)
User Secret or Application Key (for server-to-server API calls)

Connection Methods

Method	Best for	Setup complexity
OAuth 2.0 Client Credentials (Preferred)	Server-to-server automated access with enhanced security	Medium
API Key + User Secret	Direct REST API access, legacy compatibility	Low
OAuth 2.0 Authorization Code	User-specific operations requiring end-user context	Medium

Recommendation: Use OAuth 2.0 Client Credentials for automated server-to-server syncs. This is the standard approach for modern integrations. For simpler setups, API Key + User Secret is also supported.

Step 1: Identify Your Data Center

Your data center determines the API endpoints you'll use:

Data Center	API Domain
US	`us1.gigya.com`
Europe	`eu1.gigya.com`
Australia	`au1.gigya.com`
European Azure	`eu2.gigya.com`
China	`cn1.sapcdm.cn`
Global site groups	`global.gigya.com`

If you are not sure of your site's data center, check your SAP Customer Data Cloud dashboard or contact support.

Step 2: Obtain API Credentials

Option A: OAuth 2.0 Client Credentials (Preferred)

Log in to your SAP Customer Data Platform instance
Navigate to Monitor → Integrations and APIs → Security Material
Click Create OAuth2 Client Credentials
Enter the following:

Field	Value
Name	`Bridged Integration`
Token Service URL	`https://oauth2.us1.gigya.com/oauth2/token` (use your data center)
Client ID	From SAP Customer Data Platform Event Listener screen
Client Secret	From SAP Customer Data Platform Event Listener screen
Client Authentication	`Send as Body Parameter`
Scope	`grant_type=client_credentials`
Content Type	`application/x-www-form-urlencoded`

Click Deploy
Save your Client ID and Client Secret

Option B: API Key + User Secret

Log in to your SAP Customer Data Cloud dashboard
Navigate to Settings → API Keys
Locate your API Key (site identifier)
Generate or copy your User Secret (for server-side API calls)

Step 3: Configure Bridged to Connect to SAP Customer Data Cloud

Log in to your Bridged dashboard
Navigate to the Integrations section. If you do not see this section, contact support@bridged.media
Click SAP Customer Data Cloud → Connect Account
Select your authentication method:

Option A: OAuth 2.0 Client Credentials

Field	Description
Data Center	Your data center (e.g., `us1.gigya.com`)
API Key	Your site API key
Client ID	From Step 2, Option A
Client Secret	From Step 2, Option A
Token URL	`https://oauth2.{data-center}/oauth2/token`

Option B: API Key + User Secret

Field	Description
Data Center	Your data center (e.g., `us1.gigya.com`)
API Key	Your site API key
User Secret	Your server API user secret

Click Connect

Step 4: Available API Endpoints

Based on SAP Customer Data Cloud documentation, the following endpoints are available for reading user data:

User Management

Endpoint	Method	Description	Key Info
`/scim/api/v1/{apiKey}/Users/{id}`	GET	Get user by ID	Returns full account data
`/accounts.getSchema`	GET	Get profile and data schema	Use to understand available fields
`/socialize.getUserInfo`	GET	Get extended user information	Rich user profile with identities

Account Activities (Event Listening)

Activity Type	Description
Account registered	New user registration
Account logged in	User login activity
Account locked out	Failed login attempts
Consent updated	Privacy consent changes
Subscription updated	Preference changes

B2B Organization Data

Endpoint	Description
`accounts.getAccountInfo`	Get user account with organization groups
`accounts.b2b.getAssets`	Get B2B access rights and assets

Example: Get User by ID

bash

curl -X GET "https://accounts.us1.gigya.com/scim/api/v1/{API_KEY}/Users/{USER_ID}" \
  -H "Authorization: Bearer {ACCESS_TOKEN}"

Example: Get User Info

bash

curl -X GET "https://accounts.us1.gigya.com/socialize.getUserInfo?UID={USER_ID}&apiKey={API_KEY}&includeAllIdentities=true" \
  -H "Authorization: Bearer {ACCESS_TOKEN}"

Example: Get User with Extended Fields

bash

curl -X GET "https://accounts.us1.gigya.com/socialize.getUserInfo?UID={USER_ID}&apiKey={API_KEY}&extraFields=languages,address,work,education,skills,bio" \
  -H "Authorization: Bearer {ACCESS_TOKEN}"

The extraFields parameter accepts: languages, address, phones, education, honors, publications, patents, certifications, professionalHeadline, bio, industry, specialties, work, skills, religion, politicalView, interestedIn, relationshipStatus, hometown, favorites, likes, followersCount, followingCount, name, username, educationLevel, locale, verified, irank, timezone, and samlData.

Example: Get Account Schema

bash

curl -X GET "https://accounts.us1.gigya.com/accounts.getSchema?apiKey={API_KEY}&filter=explicitOnly&include=profileSchema,dataSchema" \
  -H "Authorization: Bearer {ACCESS_TOKEN}"

The include parameter can specify: profileSchema, dataSchema, subscriptionsSchema, internalSchema, or addressesSchema.

Step 5: Configure Sync Settings

Setting	Options	Description
Data objects	Users, Profiles, Consents, Subscriptions, Activities	Which user data to read
Sync frequency	Hourly, Daily, Weekly	How often to refresh data
Include identities	Yes, No	Include social identity provider data
Extended fields	Select fields	Extra profile data to retrieve

Bulk sync limit: Each bulk operation is limited to 50 records per request.

Step 6: Event Listening for Real-time Sync (Optional)

For real-time user activity tracking, SAP Customer Data Cloud supports event listeners:

Event Type	When it triggers
`get account registered activity`	New user registers
`get account logged in activity`	User logs in
`get account locked out activity`	Account lockout occurs
`get consent updated activity`	User changes consent preferences
`get subscription update activity`	User updates subscriptions

To configure event listening, work with your SAP Customer Data Cloud administrator to set up webhooks pointing to:

https://gateway.bridged.media/webhooks/sap-cdc

Common Use Cases

Playbook	How User Data Is Used
Activation	Read user profiles and consents to trigger compliant WhatsApp campaigns
Qualification Agent	Read user login history, subscription preferences, and B2B roles for lead scoring
Nurture & Conversion	Read consent and subscription data for preference-based follow-up

Example Conversation Powered by SAP Customer Data Cloud Data

When an agent asks "Is this user opted in to marketing communications?", Bridged:

Reads consent data from SAP Customer Data Cloud
Returns current opt-in status
Informs agent's conversation strategy

Rate Limiting & Performance

Consideration	Details
Rate limits	Vary by subscription tier; client-side IP rate limits may apply for unauthenticated calls
Best practice	Always use server-to-server auth to avoid client-side IP rate limits
SCIM API	Use for direct user retrieval by ID
Bulk operations	Maximum 50 records per request

Security & Permissions

SAP Customer Data Cloud supports OAuth 2.0 Client Credentials (recommended) and API Key + User Secret authentication
Access tokens are short-lived; Bridged automatically refreshes tokens
For OIDC/OAuth 2.0 flows, SAP Customer Data Cloud supports the following scopes: openid (required), email, and profile (which includes name, family_name, given_name, picture, gender, birthdate, address, phone)
All API calls should be made over TLS 1.2+
Credentials are encrypted and never stored in plain text

Authorization Parameters

For server-side REST API calls, always include proper authorization to avoid client-side IP rate limits:

Use API Key + User Secret or Bearer Token in the Authorization header
Required for APIs including: accounts.login, socialize.login, accounts.notifyLogin, socialize.notifyLogin, accounts.finalizeRegistration, accounts.linkAccounts

Troubleshooting

Issue	Likely cause	Solution
Connection fails (401)	Invalid API Key or secret	Verify credentials in SAP Customer Data Cloud dashboard
Token generation fails	Wrong data center	Confirm data center matches your site
No data returned (404)	User ID not found	Verify user ID format; use SCIM API for direct lookup
Rate limiting	Client-side IP limits	Switch to server-to-server authentication with Bearer token
Extended fields missing	ExtraFields not specified	Add `extraFields` parameter with comma-separated field list
OAuth flow fails	Wrong grant type	Ensure `grant_type=client_credentials` for M2M auth

Support

For integration support, contact your Bridged account manager or email support@bridged.media.

For SAP Customer Data Cloud-specific questions:

SAP Help Portal: https://help.sap.com/docs/SAP_CUSTOMER_DATA_CLOUD
API Documentation: See REST API references for accounts, socialize, and SCIM endpoints
Data Center Support: Contact SAP Support to confirm your data center