Setting user IDs
User IDs should be set for each of your users. These should be unchanging and accessible when a user opens the app. Naming your user IDs correctly from the start is one of the most crucial steps when setting up user IDs. We strongly suggest using the Braze standard of UUIDs and GUIDs (detailed below). We also strongly recommend providing this identifier as it will allow you to:
- Track your users across devices and platforms, improving the quality of your behavioral and demographic data.
- Import data about your users using our user data API.
- Target specific users with our messaging API for both general and transactional messages.
If such an identifier is not available, Braze will assign a unique identifier to your users, but you will lack the capabilities listed for user IDs. You should avoid setting user IDs for users for whom you lack a unique identifier that is tied to them as an individual. Passing a device identifier offers no benefit versus the automatic anonymous user tracking Braze offers by default.
If you want to include an identifiable value as your user ID, for additional security, we strongly recommend adding our SDK authentication feature to prevent user impersonation.
You should make the following call as soon as the user is identified (generally after logging in) in order to set the user ID:
Suggested user ID naming convention
At Braze, we strongly recommend naming user IDs, also referred to as
external_user_ids, in a UUIDs and GUIDs format. UUIDs and GUIDs are universally unique identifiers that consist of a 128-bit number used to identify information in computer systems. This means that these UUIDs are long, random and well distributed. If you choose a different method in which to name your user IDs, they must also be long, random and well distributed. It is also important to note, that user IDs are case sensitive. For example, “Abcdef” is a different user from “abcdef”.
If you find your
external_user_ids include names, email addresses, timestamps, or incrementors, we suggest using a new naming method that is more secure so that your user IDs are not as easy to guess or impersonate. If you choose to include this in your user IDs, we strongly recommend adding our SDK authentication feature to prevent user impersonation.
Providing this information to others may allow people outside your organization to glean information on how your user IDs are structured, opening up your organization to potentially malicious updates or removal of information. Choosing the correct naming convention from the start is one of the most important steps in setting up user IDs. However, a migration is possible using our external ID migration endpoint.
|User ID Naming|
User ID integration best practices and notes
Automatic preservation of anonymous user history
|Identification Context||Preservation Behavior|
|User has not been previously identified||Anonymous history is merged with user profile upon identification|
|User has been previously identified in-app or via API||Anonymous history is not merged with user profile upon identification|
Additional notes and best practices
Please note the following:
- If your app is used by multiple people, you can assign each user a unique identifier to track them.
- Once a user ID has been set, you cannot revert that user to an anonymous profile
- Do not change the user ID when a user logs out as this can separate the device from the user profile.
- As a result, you won’t be able to target the previously logged out user with re-engagement messages. If you anticipate multiple users on the same device, but only want to target one of them when your app is in a logged-out state, we recommend separately keeping track of the user ID you want to target while logged out and switching back to that user ID as part of your app’s logout process. By default, only the last user that was logged in will receive push notifications from your app.
- Switching from one identified user to another is a relatively costly operation.
- When you request the user switch, the current session for the previous user is automatically closed and a new session is started. Furthermore, Braze will automatically make a data refresh request for in-app messages and other Braze resources for the new user.
If you opt to use a hash of a unique identifier as your user ID take care to ensure that you’re normalizing the input to your hashing function. For example, if you’re going to use a hash of an email address, ensure that you’re stripping leading and trailing whitespace from the input, and taking localization into account.