Customer.io SDK Packages & Configuration Options (Mobile + Web)

Customer.io partner logo

Table of Contents

Example H2

Customer.io, done right. Done for you.

Execution trusted by 60+ DTC brands.
CTA: See how it works

See how it works

Summarize this documentation using AI

ChatGPT
Grok
Claude
Perplexity
Google AI

This banner was added using fs-inject

Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Book a Strategy Session

Overview

If you’re implementing Customer.io via SDK, your “packages and configuration options” decisions are really retention decisions: what data you can trust, how fast you can iterate, and whether identity stitching works when customers bounce between anonymous browsing and logged-in purchase behavior. If you want a second set of eyes before you lock in your tracking plan, book a strategy call and we’ll pressure-test the event taxonomy and identity approach against your core retention flows.

In most D2C programs, the SDK is the difference between “we sent a cart abandonment push” and “we sent the right cart abandonment push to the right person, with the right products, without double-messaging people who already bought.”

How It Works

At a practical level, SDK packages are the libraries you add to your app (iOS/Android/React Native/Flutter/Web) to send people, device, and event data into Customer.io. Configuration options control things like environment (dev vs prod), region, consent behavior, and how/when the SDK identifies a user.

  • Installation creates a data pipe. Once the SDK is installed, it can collect device tokens (for push), session/app activity (depending on platform), and custom events you explicitly track (e.g., Product Viewed, Added to Cart, Checkout Started, Order Completed).
  • identify() is the stitching moment. Before login, you often have anonymous behavior (browse, view PDPs, add to cart). When the customer logs in, enters email at checkout, or completes purchase, you call identify with a stable identifier (typically your internal customer ID) and key attributes (email, phone if applicable). That’s what ties pre-auth behavior to a real profile you can message.
  • track() is what powers retention logic. Customer.io campaigns and segments are only as good as the events you send. If you don’t track cart state (items, value, currency) and purchase state (order_id, revenue, items), your recovery and repeat purchase flows degrade fast.
  • Device management impacts push reach. The SDK typically registers device tokens and associates them to the identified person. If you mis-handle logout/device reset flows, you’ll see “push went to the wrong person” bugs—rare, but catastrophic when it happens.

Real D2C scenario: A customer browses on mobile, adds a bundle to cart, then abandons. If you track Added to Cart anonymously but fail to stitch on “email captured” at checkout, Customer.io can’t reliably target a cart recovery push/email to that same person—so you end up spamming broad segments or missing high-intent abandoners entirely.

Step-by-Step Setup

The cleanest SDK setups start with a retention-first tracking plan (events + identity rules), then you implement packages/config in a way that keeps dev/prod data separated and prevents identity drift.

  1. Pick the right SDK for your app surface area.
    • Native iOS/Android if you want maximum control and the least abstraction.
    • React Native/Flutter/Expo SDKs if you’re cross-platform—just be extra strict about event parity across platforms.
    • Web SDK if you also need browser behavior for logged-out shoppers (product discovery → cart → checkout).
  2. Separate environments from day one.
    • Use a dev workspace or clearly separated credentials for staging vs production.
    • Don’t let QA traffic pollute your “abandoned cart” segments—this breaks reporting and causes false positives in recovery journeys.
  3. Implement a strict identity policy (the part teams usually skip).
    • Decide your canonical identifier (ideally customer_id from your commerce system).
    • Call identify(customer_id, attributes) at the first reliable moment: account login, email capture, or order completion.
    • Send email as an attribute if you plan to email; send phone if you plan to SMS/WhatsApp (and only when consented).
  4. Track the retention-critical events with consistent schemas.
    • Product Viewed: product_id, variant_id, price, currency, collection/category.
    • Added to Cart: cart_id, items[], value, currency, quantity, source (PDP, collection, search).
    • Checkout Started: cart_id, items[], value, currency.
    • Order Completed: order_id, revenue, currency, items[], discount, shipping, payment_method (optional).
  5. Handle logout and device changes intentionally.
    • On logout, reset/clear the identified user in the SDK (so the next user on the same device doesn’t inherit the prior identity).
    • On reinstall/new device, expect new device tokens—make sure your push token registration flow runs reliably.
  6. Validate data in Customer.io before you build journeys.
    • Confirm profiles are created/updated correctly (attributes, email/phone, device tokens).
    • Confirm events appear with the expected payload keys and data types.
    • Test anonymous → identified stitching with a real flow: browse → add to cart → enter email → abandon → purchase.

When Should You Use This Feature

SDK packages and configuration options matter most when you need reliable, user-level behavior data from app sessions—not just server-side orders. If your retention program depends on “what they did” (not just “what they bought”), the SDK is where that truth comes from.

  • Cart recovery in mobile apps where you need push/in-app triggered off Added to Cart or Checkout Started within minutes, and you want to suppress instantly if Order Completed fires.
  • Repeat purchase programs where you personalize replenishment and cross-sell based on Product Viewed and Order Completed item arrays (not just a generic “buy again”).
  • Reactivation where “inactive” should mean no app activity + no purchases, not just “no purchases.” SDK activity and events give you cleaner churn definitions.
  • Multi-device identity stitching (common in D2C): a shopper discovers on mobile, buys on desktop, then returns to the app for order tracking. Without consistent identity rules, you’ll fragment that customer into multiple profiles and under-message them.

Operational Considerations

Once the SDK is live, the hard part becomes keeping the data usable for segmentation and orchestration as your product and marketing needs evolve. This is where most retention programs quietly degrade over time.

  • Segmentation depends on stable event names and schemas. If iOS sends added_to_cart and Android sends Add To Cart, you’ll build segments that miss half your audience. Lock naming conventions early and enforce them in code review.
  • Data flow timing affects journey logic. If Order Completed arrives late (or only server-side), your cart recovery push might fire after purchase. In practice, this tends to break during peak traffic or when apps queue events offline—plan suppression windows and “wait until” checks accordingly.
  • Anonymous-to-known stitching is a retention lever. If you only identify at account creation but most customers check out as guests, you’ll lose the highest-intent abandonment audience. Consider identifying when email/phone is captured (with consent) even before full account creation.
  • Orchestration realities: app vs backend sources. For purchases, many teams prefer server-side as the source of truth (less spoofable, more reliable). For browsing/cart behavior, SDK is usually the truth. Decide which source wins when both send similar events.
  • Consent and compliance must be enforced at the edge. Don’t rely on downstream suppression alone. If a user opts out of tracking/marketing, your SDK configuration should respect that so you don’t leak events into segments you shouldn’t build.

Implementation Checklist

If you want this to drive revenue (not just “data in the platform”), treat this as a launch checklist tied to cart recovery, repeat purchase, and reactivation readiness.

  • SDK installed in the correct app(s) and builds (prod vs staging separated)
  • Canonical identifier chosen (internal customer ID) and identify() implemented at the right moment(s)
  • Logout/reset behavior implemented to prevent identity bleed on shared devices
  • Event taxonomy defined and implemented consistently across platforms
  • Cart and order events include required payloads (ids, values, currency, items arrays)
  • Push token registration verified (and tied to the identified profile)
  • Test plan completed: anonymous browse → identify → abandon → purchase → suppression works
  • Customer.io segments validated against real event traffic (not just sample data)

Expert Implementation Tips

These are the small decisions that keep your retention engine stable when you’re iterating weekly and scaling spend.

  • Track “source” on key events. Add fields like source (PDP, collection, search, ad landing) to Added to Cart. It makes your recovery messaging sharper (and helps you spot where intent is leaking).
  • Use idempotency keys for purchase events. If your app might retry events, include order_id and make sure your downstream logic doesn’t double-count conversions or trigger duplicate post-purchase flows.
  • Send variant-level detail. For D2C, variant is often the product (size, color, flavor). If you only send product_id, your replenishment and cross-sell recommendations get generic fast.
  • Build suppression off the most reliable signal. If server-side purchase confirmation is authoritative, use it to suppress cart recovery—even if the cart event came from SDK.
  • Instrument “intent” events beyond cart. Wishlist, back-in-stock signup, and “notify me” are gold for reactivation and price-drop flows, and they’re usually easiest to capture via SDK.

Common Mistakes to Avoid

Most issues aren’t “SDK bugs”—they’re identity and schema problems that quietly wreck segmentation and send logic.

  • Identifying by email only when email can change or be missing. Use a stable internal ID and store email as an attribute.
  • Waiting too long to call identify(). If you only identify after purchase, you lose the ability to recover carts and personalize pre-purchase nudges.
  • Inconsistent event naming across platforms. This creates phantom underperformance because half your audience never qualifies for journeys.
  • Missing currency/value fields. Without them, you can’t prioritize high-AOV abandoners or build “VIP recovery” branches.
  • No logout/reset handling. Shared devices (tablets, family phones) can cause cross-user messaging—rare but brand-damaging.
  • Letting staging traffic hit production. It pollutes segments and can trigger real messages if you’re not careful with safeguards.

Summary

If you’re serious about cart recovery, repeat purchase, and reactivation in app, SDK package + config choices are foundational. Get identity stitching right, standardize event schemas, and validate timing so journeys suppress correctly. Once that’s stable, Customer.io becomes an execution layer you can trust.

Implement Packages Options with Propel

When teams ask for help here, it’s usually not about “installing an SDK”—it’s about making sure the app events and identity rules actually support the retention motions you care about (cart recovery suppression, cross-device stitching, and clean segmentation). If you’re implementing or cleaning up a Customer.io SDK setup and want an operator-grade tracking plan, book a strategy call and we’ll map the exact identify + event spec to your highest-leverage journeys.

Contact us

Get in touch

Our friendly team is always here to chat.

Here’s what we’ll dig into:

Where your lifecycle flows are underperforming and the revenue you’re missing

How AI-driven personalisation can move the needle on retention and LTV

Quick wins your team can action this quarter

Whether Propel AI is the right fit for your brand, stage, and stack