Guides

GDPR

GDPR Request API allows you to operationalize the Rights of users as mentioned under GDPR

Suggest Edits

API

GDPR Request: POST [https://api.moengage.com/v1/opengdpr_requests/]

For more details on GDPR Compliance with MoEngage, refer this article.

Required Parameters

app_id: Get the APP ID from the MoEngage dashboard under following path: (Settings > App Settings > Account Settings > APP ID).

Required Headers

Authentication

Erase API uses Basic authentication to control access to your data.

Basic authentication sends a Base64-encoded string that contains a username and password for your API requests. username and password are available under following path: (Settings > APIs > DATA API Settings) as shown below.

For the first time, hit the Generate Key and then save on Data APIs settings page.
User name - DATA API ID
Password - DATA API KEY

Basic Authentication encodes a 'username:password' using base64 and prepends it with the string 'Basic '. This is passed in the authorization header as follows
{"Authorization": "Basic bmF2ZWVua3VtYXI6bW9lbmdhZ2U="}

1092

To send a request using a client (as Postman), Authentication can be done in following way:

1124

Content-Type Header

Content-Type header is mandatory and must be set to 'application/json' as follows
{"Content-Type": "application/json"}

APP ID Header

Get the APP ID from the MoEngage dashboard under the path: (Settings > App Settings > Account Settings > APP ID).) and send this as a header as follows-
{"MOE-APPKEY" :""}

Request body

There is a max limit of 100kb per request.

Response

Response will be a json object, on a sucessful call you will receive response as

{
  "status": "success",
  "message": "Your request has been accepted and will be processed soon.",
  "request_id": "a7551968-d5d6-44b2-9831-815ac9017798"
}

Erase personal data

API to use - Erase API
This API is used to remove references of personal data for specific users as defined under GDPR

Signature for GDPR erase API request looks like:

POST https://api.moengage.com/v1/opengdpr_requests/<APP ID>

{
 "request_type":"erasure",
 "submitted_time":"2018-10-05T15:00:00Z",
 "identities":[
   {
      "identity_type":"email",
      "identity_value":"[email protected]"
   }
 ],
 "api_version":"1.0"
}

Mandatory fields:
request_type
submitted_time
identities
api_version

Accepted identity_type's:
Registered Users:

ID - user unique identifier
user_secondary_id

Non Registered Users

email - user email
mobile - user mobile
google_advertising_id - user's android device GAID
advertising_identifier - user's iOS device IDFA

Updated almost 6 years ago