- Administering User Guide overview
- Sites Features
- Website Administration
- Asynchronous Jobs
- Reusing Content: Multi Site Manager and Live Copy
- Live Copy Overview Console
- Configuring Live Copy Synchronization
- Creating and Synchronizing Live Copies
- MSM Rollout Conflicts
- Troubleshooting MSM Issues and FAQ
- MSM Best Practices
- Translating Content for Multilingual Sites
- Managing Translation Projects
- Identifying Content to Translate
- Preparing Content for Translation
- Creating a Language Root Using the Classic UI
- Connecting to Microsoft Translator
- Configuring the Translation Integration Framework
- Language Copy Wizard
- Translation Enhancements
- Translation Best Practices
- Configurations and the Configuration Browser
- AEM FAQs
- Operations
- Dashboards
- Operations Dashboard
- Backup and Restore
- Data Store Garbage Collection
- Monitoring Server Resources Using the JMX Console
- Working with Logs
- Audit Log Maintenance in AEM 6
- Configure the Rich Text Editor
- Configuring RTE for Producing Accessible Sites
- Configuring Undo for Page Editing
- Configure the Rich Text Editor plug-ins
- Configure the Video component
- The Bulk Editor
- Configuring Email Notification
- The Link Checker
- Troubleshooting AEM
- Managing Access to Workflows
- Starting Workflows
- Administering Workflows
- Administering Workflow Instances
- Using cURL with AEM
- Proxy Server Tool (proxy.jar)
- Configuring for AEM Apps
- Configuring Search Forms
- Tools Consoles
- Reporting
- Configuring Layout Container and Layout Mode
- Editor
- Enabling Access to Classic UI
- Admin Consoles
- Security
- User Administration and Security
- User, Group and Access Rights Administration
- Security Checklist
- OWASP Top 10
- Running AEM in Production Ready Mode
- Identity Management
- Adobe IMS Authentication and Admin Console Support for AEM Managed Services
- Creating a Closed User Group
- Mitigating serialization issues in AEM
- User Synchronization
- Encapsulated Token Support
- Single Sign On
- How to Audit User Management Operations in AEM
- SSL By Default
- SAML 2.0 Authentication Handler
- Closed User Groups in AEM
- Granite Operations - User and Group Administration
- Enabling CRXDE Lite in AEM
- Configuring LDAP with AEM 6
- Configure the Admin Password on Installation
- Service Users in AEM
- Encryption Support for Configuration Properties
- Handling GDPR Requests for the AEM Foundation
- Principal View for Permissions Management
- Content Disposition Filter
- Custom User Group Mapping in AEM 6.5
- Same Site Cookie Support
- Personalization
- Integration
- Integrating with Third-Party Services
- Integrating with Salesforce
- Integrating with Adobe Target
- Integrating with Adobe Learning Manager
- Integrating with Adobe Analytics
- Connecting to Adobe Analytics and Creating Frameworks
- Configuring Link Tracking for Adobe Analytics
- Mapping Component Data with Adobe Analytics Properties
- Configuring Video Tracking for Adobe Analytics
- Integration with Adobe Analytics using IMS
- HTTP2 Delivery of Content FAQ
- Troubleshooting your Adobe Campaign Integration
- SharePoint Connector Licenses, Copyright Notices, and Disclaimers
- SharePoint Connector
- DHTML Viewer End-of-Life FAQs
- Integrating with Adobe Campaign Classic
- Related Community Articles
- Integrating with Adobe Campaign Standard
- Flash Viewers End-of-Life Notice
- Integrating with Adobe Dynamic Tag Management
- Opting Into Adobe Analytics and Adobe Target
- AEM Portals and Portlets
- Integrating with Dynamic Media Classic (Scene7)
- AEM Livefyre Recipes
- Troubleshooting Integration Issues
- Integrating with BrightEdge Content Optimizer
- Catalog Producer
- Integrating with Silverpop Engage
- Integrating with Adobe Campaign
- Integrating with ExactTarget
- Analytics with External Providers
- Integrating with the Adobe Marketing Cloud
- Manually Configuring the Integration with Adobe Target
- Prerequisites for Integrating with Adobe Target
- Integration with Adobe Target using IMS
- Adobe Classifications
- Solutions Integration
- Exporting Experience Fragments to Adobe Target
- Best Practices for Email Templates
- Integrating with Livefyre
- Best Practices
- Content Management
Handling GDPR Requests for the AEM Foundation
GDPR is used as an example in the sections below, but the details covered are applicable to all data protection and privacy regulations; such as GDPR, CCPA etc.
AEM Foundation GDPR support
At the AEM Foundation level, the Personal Data that is stored is the User Profile. Therefore, the information in this article primarily addresses how to access and delete user profiles, to address the GDPR Access and Delete requests respectively.
Accessing a User Profile
Manual Steps
-
Open the User Administration console, by browsing to Settings - Security - Users or by browsing directly to
https://<serveraddress>:<serverport>/libs/granite/security/content/useradmin.html
-
Then, search for the user in question by typing the name in the search bar at the top of the page:
-
Finally, open the user profile by clicking it, then check under the Details tab.
HTTP API
As mentioned, Adobe provides APIs for accessing user data, in order to facilitate automation. There are several types of APIs which you can use:
UserProperties API
curl -u user:password http://localhost:4502/libs/granite/security/search/profile.userproperties.json\?authId\=cavery
Sling API
Discovering the user home:
curl -g -u user:password 'http://localhost:4502/libs/granite/security/search/authorizables.json?query={"condition":[{"named":"cavery"}]}'
{"authorizables":[{"type":"user","authorizableId_xss":"cavery","authorizableId":"cavery","name_xss":"Carlene Avery","name":"Carlene Avery","home":"/home/users/we-retail/DSCP-athB1NYLBXvdTuN"}],"total":1}
Retrieving user data
Using the node path from the home property of the JSON payload returned from the above command:
curl -u user:password 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profile.-1.json'
curl -u user:password 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profiles.-1.json'
Disabling a User and Deleting the Associated Profiles
Disable User
-
Open the User Administration console and search for the user in question, as described above.
-
Hover over the user and click the select icon. The profile will turn grey indicating that it is selected.
-
Press the Disable button in the upper menu to disable the user:
-
Fianlly, confirm the action:
The user interface will then indicate that the user has been deactivated by greying out and adding a lock to the profile card:
Delete User Profile Information
-
Log in to CRXDE Lite, then search for the
userId:
-
Open the user node which is located under
/home/usersby default:
-
Delete profile nodes and all their children. There are two formats to the profile nodes, depeding on the AEM version:
- The default private profile under
/profile /profiles, for new profiles created using AEM 6.5.
- The default private profile under
HTTP API
The following procedures use the curl command line tool to illustrate how to disable the user with the cavery userId and delete her profiles available at the default location.
- Discovering the user home
curl -g -u user:password 'http://localhost:4502/libs/granite/security/search/authorizables.json?query={"condition":[{"named":"cavery"}]}'
{"authorizables":[{"type":"user","authorizableId_xss":"cavery","authorizableId":"cavery","name_xss":"Carlene Avery","name":"Carlene Avery","home":"/home/users/we-retail/DSCP-athB1NYLBXvdTuN"}],"total":1}
- Disabling the user
Using the node path from the home property of the JSON payload returned from the above command:
curl -X POST -u user:password -FdisableUser="describe the reasons for disabling this user (GDPR in this case)" 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN.rw.userprops.html'
- Deleting user profile(s)
Using the node path from the home property of the JSON payload returned from the account discovery command and the known out of the box profile node locations:
curl -X POST -u user:password -H "Accept: application/json,**/**;q=0.9" -d ':operation=delete' 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profile'
curl -X POST -u user:password -H "Accept: application/json,**/**;q=0.9" -d ':operation=delete' 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profile'
Business.Adobe.com resources
Resources
Adobe Account
