How you can honor your users' GDPR related requests through Dengage's Rest APIs

Dengage provides APIs that enable you to comply with the GDPR requests of your users. Using these APIs, you can perform the following actions:

  1. Request to export user data, erase user data, restrict data processing or re-enable processing of user data.
  2. Retrieve the status of a particular GDPR request.
  3. Cancel a particular GDPR request in case it is Pending.

POST: /opengdpr_requests

METHOD : POST

DESCRIPTION : Export user data, erase user data, restrict data processing, or re-enable processing of user data.

URL STRUCTURE : https://api.dengage.com/rest/gdpr/opengdpr_requests

AUTHENTICATION : User Authentication

Example

cUrl

curl -X POST <HOST> /rest/gdpr/opengdpr_requests \
    --header 'Authorization: Bearer <YOUR_AUTH_TOKEN>' \
    --header 'Content-Type: application/json' \
    --data '{
		"subject_request_id":"b2521844-d6a6-33b7-9831-345ad90112870",
		"subject_request_type":"erasure",
		"subject_identities":[{
				"identity_type":"cuid",
				"identity_value":"122902122"}]
}'

🚧

Important Note

Replace with the rest api url you have got from Dengage
Replace <YOUR_AUTH_TOKEN> will be replaced by the token that you get from the login request

Parameters

{
	"subject_request_id":"b2521844-d6a6-33b7-9831-345ad90112870",
	"subject_request_type":"erasure",
	"subject_identities":[{
		"identity_type":"cuid",
		"identity_value":"122902122"}]
}
ParameterTypeDescriptionIs mandatory
subject_request_idStringThis should be a unique ID for each request.Yes
subject_request_typeStringThis can be one of the following values:
erasure: If requesting to delete the user profile.
restriction: If requesting to restrict the processing of the user profile.
re-enable: If requesting to re-enable the processing of the user profile.
portability: If requesting to export the user profile.
Yes
subject_identitiesArrayRequest for only one user can be placed per API call. This array accepts only one value: User ID of known users which can be found on the user profile page.Yes

❗️

Important

Please be aware that the deletion of users is irreversible and will result in their permanent removal, which may lead to discrepancies in your data. Once a deletion request is initiated, the data will be irrevocably erased from the system within 30 days of the original request.

In the event of an accidental deletion, you have a grace period of 7 days during which the request will be held in a Pending state. This allows you to cancel the deletion request within this timeframe, preventing unintended loss of data. It is crucial to carefully consider the implications of deletion actions and to utilize the cancellation option judiciously to safeguard your data integrity.

Returns

201 Created

JSON

{
	"subject_request_id":"b2521844-d6a6-33b7-9831-345ad90112870",
	"subject_request_type":"erasure",
	"message": "erasure request registered"
}

In case the subject_request_type is portability, the user's profile is embedded in the response body.

Errors

  • 400 Bad request : If the JSON body is of incorrect format, the subject_request_id is not unique or if the identity_value in the request is not a known user's ID.
  • 500 Server error : Unforeseen service issues.

GET: /opengdpr_requests/{requestId}

METHOD: GET

DESCRIPTION : Retrieve the status of a particular GDPR request.

URL STRUCTURE : /rest/gdpr/opengdpr_requests/{requestId}

AUTHENTICATION : User Authentication

Example

cURL

curl -X GET <HOST>/rest/gdpr/opengdpr_requests/{requestId} \
--header 'Authorization: Bearer <YOUR_AUTH_TOKEN>' \
--header 'Content-Type: application/json'

🚧

Important Note

Replace with the rest api url you have got from Dengage

Replace <YOUR_AUTH_TOKEN> will be replaced by the token that you get from the login request

Returns

200 OK

JSON

{
	"subject_request_id":"b2521844-d6a6-33b7-9831-345ad90112870",
	"subject_request_type":"erasure",
	"status": "PENDING"
}

status can be one of PENDING, PROCESSING, DONE or CANCELLED

Errors

  • 404 Not Found : GDPR request not found.
  • 500 Server error : Unforeseen service issues.

DELETE: /opengdpr_requests/{requestId}

METHOD : DELETE

DESCRIPTION : Cancel a particular GDPR request. Request can only be cancelled if it is in the Pending state.

URL STRUCTURE : /rest/gdpr/opengdpr_requests/{requestId}

AUTHENTICATION: User Authentication

Example

cURL

curl -X DELETE <HOST>/rest/gdpr/opengdpr_requests/{requestId} \
--header 'Authorization: Bearer <YOUR_AUTH_TOKEN>' \
--header 'Content-Type: application/json'

🚧

Important Note

Replace with the rest api url you have got from Dengage

Replace <YOUR_AUTH_TOKEN> will be replaced by the token that you get from the login request

Returns

200 OK

JSON

{
	"subject_request_id":"b2521844-d6a6-33b7-9831-345ad90112870",
	"subject_request_type":"erasure",
	"message": "request cancelled"
}

If the request is already completed, the response body will convey that with appropriate message.

Errors

  • 400 Bad request : If the request status is not Pending.
  • 404 Not Found : GDPR request not found.
  • 500 Server error : Unforeseen service issues.

If you have any additional questions, don't hesitate to reach out to us at [email protected] . We're here to help and just an email away!