GDPR is used as an example in the sections below, but the details covered are applicable to all data protection and privacy regulations; such as GDPR, CCPA etc.
AEM Communities exposes APIs out-of-the-box to manage user profiles and bulk manage user generated content (UGC). Once enabled, the UserUgcManagement service allows the privileged users (community administrators and moderators) to disable user profiles, and bulk delete or bulk export UGC for specific users. These APIs also enable controllers and processors of customer data to comply with the European Union’s General Data Protection Regulations (GDPR) and other GDPR inspired privacy mandates.
For further information see the GDPR page at the Adobe Privacy Center.
To put these APIs to use, you need to enable the
/services/social/ugcmanagement endpoint by activating the UserUgcManagement service. To activate this service, install the sample servlet available on GitHub.com. Then, hit the endpoint on publish instance of your communities site with appropriate parameters using an http request, similar to the following:
However, you can also build a UI (user interface) to manage user profiles and user generated content in system.
These APIs enable perform the following functions.
getUserUgc(ResourceResolver resourceResolver, String user, OutputStream outputStream) helps export all the UGC of a user from the system.
For example, to export the UGC of a user named Weston McCall, who uses firstname.lastname@example.org as authorizable ID to log in to communities site, you can send an http GET request similar to the following:
deleteUserUgc(ResourceResolver resourceResolver, String user) helps delete all the UGC for a user from the system.
For example, to delete the UGC of a user having authorizable ID email@example.com through http-POST request, use the following parameters:
To delete user data from the Adobe Analytics, follow the GDPR Analytics workflow; as the API does not delete user data from Adobe Analytics.
For Adobe Analytics variables mappings used by AEM Communities, refer the following image:
deleteUserAccount(ResourceResolver resourceResolver, String user) helps disable a user account.
Disabling a user deletes all the user generated content that the user has on the server.
For example, to delete the profile of a user having authorizable ID firstname.lastname@example.org through http-POST request, use the following parameters:
deleteUserAccount() API only disables a user profile in the system and removes the UGC. However, to delete a user profile from the system, navigate to CRXDE Lite: https://<server>/crx/de, locate the user node and delete it.