Using the Privacy Service API

In this video, we’re going to be making calls to the Privacy Service API using Postman. If you haven’t watched the previous video on getting started with the API, take a look now to learn how to gather required authentication headers before following along with this tutorial. Once we’ve gathered our access token, organization ID, and API key, we can start making requests to the API. Let’s start by making a request to list all current privacy jobs for a certain regulation. Here in Postman, you can see that we’re making a GET request to the Privacy Service API. The path includes the platform gateway, a route path to the Privacy Service API, and the endpoint. In this case, we’re making a call to the jobs endpoint. While listing privacy jobs, we can only list the jobs for one regulation at a time. Therefore, when using this endpoint, we have to provide a regulation query parameter. The value we give this parameter determines which regulation the response will display results for. We’ll use CCPA for this call. For a list of accepted values for the regulation query parameter, please refer to the Jobs Endpoint Guide in the Privacy Service API documentation. We’ll hit send and the response gives us a list of jobs under the CCPA regulation including details like ID, Action, and Status. If we want to see more details about one of these jobs, we can perform a lookup request. We’ll copy the ID of the job we want to retrieve from the list and we’ll add it to the end of the request path like so. Since we’re looking up a single job, we no longer need to use the regulation parameter. Hit send and we’re given the details of the job. The action property tells us whether this is an access or delete request and we can also see the current processing status. Under user IDs, we can see the customer identities that were sent as part of this request. Under product responses, we can see the status of each Experience Cloud product that is processing the request. If a product has completed its privacy job, the resulting message will be displayed here. Now let’s walk through the process of creating a new privacy request. Here you can see I’m making a POST request to the Jobs Endpoint in the Privacy API. If we take a look at the request body that I put together previously, we’ll start to get an idea of how to configure the request. Let’s go through each of the properties here and explain what they’re doing. Company Context is a required array where we must provide our organization ID for authentication purposes. This is the same ID value that you provide in one of the request headers. Users is where we provide information about the users or customers that this request applies to. In this request, we have two users, represented by the two objects in the array. Let’s break these down. Each user has a key, which serves as a unique temporary identifier for the user. This can be any string, though we recommend using a globally unique ID if possible. Next, each user has an action array. This is where we list the actions that we want to perform on this user’s data. We can specify access, delete, or both. Finally, each user has a set of user IDs. These are identifiers that link the user with their stored data in your Experience Cloud products. As discussed in previous videos, each of these identifiers consists of a namespace, a type, and a value. In this example, we’re providing an email and an ECID for one user, while the other user has an email and a CRM ID stored in Analytics. Under include, we’ll list the Experience Cloud products that we want to process this privacy request. In our case, we’re processing this request in Analytics, the platform data lake, and real-time customer profile respectively. To learn the included values for other Experience Cloud products, please refer to the Privacy Service API documentation. Finally, the regulation attribute determines what regulation this request will be filed under in Privacy Service. We’re creating a CCPA request here. Once we’re happy with our request, we’ll hit send, and a successful response returns the details of the newly created jobs. The last operation that we’ll show you how to perform is creating a consent request. Certain privacy regulations require customers to provide explicit consent before their data can be collected. The Privacy Service API allows you to process customer consent requests and integrate them into your privacy workflow. Here you can see that we’re making a post request to the consent endpoint. The request body accepts two properties. The first property, optOutOfSale, represents a consent value that you are setting for the customer in question. If the customer is opting in, this is set to false. If they’re opting out, set it to true. The entities property contains the identity data for the customer. This takes the form of an array of objects. Within each object is a namespace and a list of corresponding values for that namespace. In this example, we’re supplying two email addresses and one ECID for a customer. Let’s hit send. When we receive the response from the API, we can see that it returned HTTP status 202, meaning that our request was successful. You now know how to perform all core operations in the Privacy Service API. If you created privacy requests through the API, you can view and monitor their status on the Privacy Service UI dashboard. See the video on using the UI for more information. For the latest details on how to use the API, please refer to the Privacy Service documentation. Thanks for watching.