Revoke GDPR Actions API: revokeGdprActions

The Revoke GDPR Actions API provides a mechanism to revoke previously made GDPR requests. This feature is particularly useful in scenarios where a request for data access or deletion needs to be canceled or modified.

Note: You cannot revoke a GDPR request once the request has been processed completely. Real-time CDP will only accept the revoke requests from the pending requests.

API Endpoint and Method

URL Format

https://{GDPR_API_URL}/api/v1/gdpr/b2b/revokeGdprActions

Example URL

https://api-dev.algonomy.com/rcdpapi/api/v1/gdpr/b2b/revokeGdprActions

HTTP Method

POST

Note: To get the {GDPR_API_URL} contact your CSM or Algonomy support team.

Request Header

Include the following parameters in your request header:

Note: In Request Body, for a given reqParam type, the corresponding reqParamValue should be given into the header. reqParamValue can be sensitive data hence it is part of the request header.

Request Body

1
2
3
4
5
{
"reqType":"forget",
"reqParam":"gcrid",
"reqSource":"test_1"
}

In the request payload, the following parameters are used to specify key details for the GDPR request:

• reqType: Specifies the type of GDPR request. This field is critical for indicating the nature of the original request, such as "access" for data access requests or "forget" for data deletion requests.

• reqParam: Defines the customer identification type such as email, mobile number, gcrid. It is necessary to include at least one such customer identifier in each API request.

• reqSource: Describes the source of the request, which can support up to a 10-character string and can be any valid string.

Available customer identifiers are:

Response Body

A successful request returns “200 – OK” along with the following retrieved data as response.

1
2
3
4
5
{
"status": "OK",
"message": "Access request successfully revoked.",
"data": "Access request successfully revoked."
}