Data Subject Request API Version 1 and 2
Data Subject Request API Version 3
Platform API Overview
Accounts
Apps
Audiences
Calculated Attributes
Data Points
Feeds
Field Transformations
Services
Users
Workspaces
Warehouse Sync API Overview
Warehouse Sync API Tutorial
Warehouse Sync API Reference
Data Mapping
Warehouse Sync SQL Reference
Warehouse Sync Troubleshooting Guide
ComposeID
Warehouse Sync API v2 Migration
Bulk Profile Deletion API Reference
Calculated Attributes Seeding API
Custom Access Roles API
Data Planning API
Group Identity API Reference
Pixel Service
Profile API
Events API
mParticle JSON Schema Reference
IDSync
AMP SDK
Initialization
Configuration
Network Security Configuration
Event Tracking
User Attributes
IDSync
Screen Events
Commerce Events
Location Tracking
Media
Kits
Application State and Session Management
Data Privacy Controls
Error Tracking
Opt Out
Push Notifications
WebView Integration
Logger
Preventing Blocked HTTP Traffic with CNAME
Linting Data Plans
Troubleshooting the Android SDK
API Reference
Upgrade to Version 5
Cordova Plugin
Identity
Direct URL Routing FAQ
Web
Android
iOS
Getting Started
Identity
Initialization
Configuration
Event Tracking
User Attributes
IDSync
Screen Tracking
Commerce Events
Location Tracking
Media
Kits
Application State and Session Management
Data Privacy Controls
Error Tracking
Opt Out
Push Notifications
Webview Integration
Upload Frequency
App Extensions
Preventing Blocked HTTP Traffic with CNAME
Linting Data Plans
Troubleshooting iOS SDK
Social Networks
iOS 14 Guide
iOS 15 FAQ
iOS 16 FAQ
iOS 17 FAQ
iOS 18 FAQ
API Reference
Upgrade to Version 7
Upload Frequency
Getting Started
Opt Out
Initialize the SDK
Event Tracking
Commerce Tracking
Error Tracking
Screen Tracking
Identity
Location Tracking
Session Management
Initialization
Content Security Policy
Configuration
Event Tracking
User Attributes
IDSync
Page View Tracking
Commerce Events
Location Tracking
Media
Kits
Application State and Session Management
Data Privacy Controls
Error Tracking
Opt Out
Custom Logger
Persistence
Native Web Views
Self-Hosting
Multiple Instances
Web SDK via Google Tag Manager
Preventing Blocked HTTP Traffic with CNAME
Facebook Instant Articles
Troubleshooting the Web SDK
Browser Compatibility
Linting Data Plans
API Reference
Upgrade to Version 2 of the SDK
Getting Started
Identity
Web
Alexa
Node SDK
Go SDK
Python SDK
Ruby SDK
Java SDK
Overview
Step 1. Create an input
Step 2. Verify your input
Step 3. Set up your output
Step 4. Create a connection
Step 5. Verify your connection
Step 6. Track events
Step 7. Track user data
Step 8. Create a data plan
Step 9. Test your local app
Overview
Step 1. Create an input
Step 2. Verify your input
Step 3. Set up your output
Step 4. Create a connection
Step 5. Verify your connection
Step 6. Track events
Step 7. Track user data
Step 8. Create a data plan
Step 1. Create an input
Step 2. Create an output
Step 3. Verify output
Introduction
Outbound Integrations
Firehose Java SDK
Inbound Integrations
Data Hosting Locations
Compose ID
Glossary
Migrate from Segment to mParticle
Migrate from Segment to Client-side mParticle
Migrate from Segment to Server-side mParticle
Segment-to-mParticle Migration Reference
Rules Developer Guide
API Credential Management
The Developer's Guided Journey to mParticle
Create an Input
Start capturing data
Connect an Event Output
Create an Audience
Connect an Audience Output
Transform and Enhance Your Data
The new mParticle Experience
The Overview Map
Introduction
Data Retention
Connections
Activity
Live Stream
Data Filter
Rules
Tiered Events
mParticle Users and Roles
Analytics Free Trial
Troubleshooting mParticle
Usage metering for value-based pricing (VBP)
Introduction
Sync and Activate Analytics User Segments in mParticle
User Segment Activation
Welcome Page Announcements
Project Settings
Roles and Teammates
Organization Settings
Global Project Filters
Portfolio Analytics
Analytics Data Manager Overview
Events
Event Properties
User Properties
Revenue Mapping
Export Data
UTM Guide
Data Dictionary
Query Builder Overview
Modify Filters With And/Or Clauses
Query-time Sampling
Query Notes
Filter Where Clauses
Event vs. User Properties
Group By Clauses
Annotations
Cross-tool Compatibility
Apply All for Filter Where Clauses
Date Range and Time Settings Overview
Understanding the Screen View Event
Analyses Introduction
Getting Started
Visualization Options
For Clauses
Date Range and Time Settings
Calculator
Numerical Settings
Assisted Analysis
Properties Explorer
Frequency in Segmentation
Trends in Segmentation
Did [not] Perform Clauses
Cumulative vs. Non-Cumulative Analysis in Segmentation
Total Count of vs. Users Who Performed
Save Your Segmentation Analysis
Export Results in Segmentation
Explore Users from Segmentation
Getting Started with Funnels
Group By Settings
Conversion Window
Tracking Properties
Date Range and Time Settings
Visualization Options
Interpreting a Funnel Analysis
Group By
Filters
Conversion over Time
Conversion Order
Trends
Funnel Direction
Multi-path Funnels
Analyze as Cohort from Funnel
Save a Funnel Analysis
Explore Users from a Funnel
Export Results from a Funnel
Saved Analyses
Manage Analyses in Dashboards
Dashboards––Getting Started
Manage Dashboards
Organize Dashboards
Dashboard Filters
Scheduled Reports
Favorites
Time and Interval Settings in Dashboards
Query Notes in Dashboards
User Aliasing
The Demo Environment
Keyboard Shortcuts
Analytics for Marketers
Analytics for Product Managers
Compare Conversion Across Acquisition Sources
Analyze Product Feature Usage
Identify Points of User Friction
Time-based Subscription Analysis
Dashboard Tips and Tricks
Understand Product Stickiness
Optimize User Flow with A/B Testing
User Segments
IDSync Overview
Use Cases for IDSync
Components of IDSync
Store and Organize User Data
Identify Users
Default IDSync Configuration
Profile Conversion Strategy
Profile Link Strategy
Profile Isolation Strategy
Best Match Strategy
Aliasing
Overview
Create and Manage Group Definitions
Introduction
Catalog
Live Stream
Data Plans
Blocked Data Backfill Guide
Predictive Attributes Overview
Create Predictive Attributes
Assess and Troubleshoot Predictions
Use Predictive Attributes in Campaigns
Predictive Audiences Overview
Using Predictive Audiences
Introduction
Profiles
Warehouse Sync
Data Privacy Controls
Data Subject Requests
Default Service Limits
Feeds
Cross-Account Audience Sharing
Approved Sub-Processors
Import Data with CSV Files
CSV File Reference
Glossary
Video Index
Single Sign-On (SSO)
Setup Examples
Introduction
Introduction
Introduction
Rudderstack
Google Tag Manager
Segment
Advanced Data Warehouse Settings
AWS Kinesis (Snowplow)
AWS Redshift (Define Your Own Schema)
AWS S3 Integration (Define Your Own Schema)
AWS S3 (Snowplow Schema)
BigQuery (Snowplow Schema)
BigQuery Firebase Schema
BigQuery (Define Your Own Schema)
GCP BigQuery Export
Snowflake (Snowplow Schema)
Snowplow Schema Overview
Snowflake (Define Your Own Schema)
Aliasing
Use the Data Subject Request API version 3 (v3) to receive and manage data subject requests (DSRs) for GDPR and CCPA compliance, and to forward data subject requests of type erasure. To learn more, see Data Subject Requests Guide.
This API is our instance of the OpenDSR framework, formerly known as OpenGDPR.
See the Default Service Limits for information about API rate limits.
v3 contains the following changes:
subject_identities
are sent as a dictionary where the keys are identity types which enforces a single identity per identity type.subject_identities
dictionary with the same format as the subject_identities
in the request.mpid
is included in the extensions, no other identities can be provided in the request.This update enforces identity resolution to map to a single mpid
, and enables forwarding of DSR requests of type erasure.
You must upgrade to version 3 in order to forward DSR requests of type erasure.
Follow the steps below to upgrade from version 1 or version 2 to version 3.
https://opendsr.mparticle.com/v3
.api_version
to 3.0.subject_identities
element as described below.opendsr.mparticle.com
extensions as described below.mpid
in the opendsr.mparticle.com
extensions, you must not include any other identities.The current (v3) mParticle OpenDSR base URL:
https://opendsr.mparticle.com/v3
The HTTP APIs are secured via basic authentication. Credentials are issued at the level of an mParticle Workspace. You can obtain credentials for your Workspace from the Workspace Settings screen. Note that this authentication is for a single workspace and scopes the DSR to this workspace only.
To workspace view credentials:
You can authenticate in two ways:
Manually set the authentication
header by encoding your key and secret together:
example-api-key:example-api-secret
2 Base64 with UTF-8 encode the result:
ZXhhbXBsZS1hcGkta2V5OmV4YW1wbGUtYXBpLXNlY3JldA==
3 Prefix the encoded string with the authorization method, including a space:
Basic ZXhhbXBsZS1hcGkta2V5OmV4YW1wbGUtYXBpLXNlY3JldA==
4 Set resulting string as the Authorization
header in your HTTP requests:
Authorization: Basic ZXhhbXBsZS1hcGkta2V5OmV4YW1wbGUtYXBpLXNlY3JldA==
The primary resource is the request
object:
Resource | Route | Notes |
---|---|---|
request |
/requests |
Used to encapsulate the DSR. |
discovery |
/discovery |
Used only to programmatically report API functionality. |
A request in the OpenDSR format communicates a Data Subject’s wish to access or erase their data. The OpenDSR Request takes a JSON request body and requires a Content-Type: application/json
header:
POST https://opendsr.mparticle.com/v3/requests/
Content-Type: application/json
Authorization: Basic <your-token-here>
{
"regulation": "gdpr",
"subject_request_id": "a7551968-d5d6-44b2-9831-815ac9017798",
"subject_request_type": "erasure",
"submitted_time": "2021-11-01T15:00:00Z",
"subject_identities": {
"email": {
"value": "johndoe@example.com",
"encoding": "raw"
},
"ios_advertising_id": {
"value": "EA7583CD-A667-48BC-B806-42ECB2B48606",
"encoding": "raw"
}
},
"api_version": "3.0",
"status_callback_urls": [
"https://exampleurl.com/opendsr/callbacks"
],
"group_id": "my-group",
"extensions": {
"opendsr.mparticle.com": {
"skip_waiting_period": false,
"subject_identities": {
"other6": {
"value": "EA7583CD-A667-48BC-B806-42ECB2B48606",
"encoding": "raw"
}
}
}
}
}
Field Name | Data Type | Required | Description |
---|---|---|---|
regulation |
string | Required | The regulation this DSR falls under, either gdpr or ccpa . |
subject_request_id |
UUID v4 string | Required | A unique identifier for the request provided by the controller. |
subject_request_type |
string | Required | The type of request. Supported values are access , portability and erasure . |
submitted_time |
ISO 8601 date string | Required | The time the Data Subject originally submitted the request. |
skip_waiting_period |
boolean | Optional | Allows you to skip the 7 day waiting period, shortening the cancellation window to less than 24 hours and the total time to completion to between 1 and 14 days. Supported values are true or false , and the default value is false . If you do not skip the waiting period, the total time to complete an erasure request will be between 7-21 days, with a 7 day waiting period allowing you to cancel the request. Learn more. |
subject_identities |
array | Required unless an extensions field is included |
See below for details |
api_version |
string | Optional | The API Version your request uses. Valid value is 3.0 . |
status_callback_urls |
Array | Optional | Array of URLs for a callback post to be made on completion of the request |
group_id |
string | Optional | The group_id can be used to relate different subject requests together. The maximum number of requests that can be associated to a group_id is 150. Groups are scoped to the workspace. |
extensions |
array | Optional | Contains processor-specific extensions. For mParticle, use the extensions opendsr.mparticle.com . See below for supported identity types. |
subject_identities
ObjectThe subject_identities
are sent as a dictionary where the keys are identity types, and the value fields are value
and encoding
. You can specify up to 50 identities in a single request. The number of identities in a request is also limited by the number of different unique identity types.
"identity_type": {
"value": "some value",
"encoding": "raw"
}
Field Name | Data Type | Description |
---|---|---|
identity_type |
string | The type of identity |
value |
string | The identity value |
encoding |
string | The encoding format of the identity value. For mParticle, the value is raw . |
Data subject requests using the OpenDSR format may include an object called subject_identities
. If you use this object, you must specify:
identity_type
: A string representing the type of identifier used (such as email
or android_advertising_id
)value
: A string representing the value of the identifier (such as example@example.com
)encoding
: a string representing how the identifier is encodedWhen setting the identity_type
in the subject_identities
object of an OpenDSR request, make sure to use values from the column labeled Supported OpenDSR Format in the table below. The column labeled mParticle Identity Type indicates the corresponding types used in mParticle.
Supported OpenDSR Format | mParticle Identity Type |
---|---|
controller_customer_id |
customer_id |
email |
email |
android_advertising_id |
android_advertising_id |
android_id |
android_uuid |
fire_advertising_id |
fire_advertising_id |
ios_advertising_id |
ios_advertising_id |
ios_vendor_id |
ios_idfv |
microsoft_advertising_id |
microsoft_advertising_id |
microsoft_publisher_id |
microsoft_publisher_id |
roku_advertising_id |
roku_advertising_id |
roku_publishing_id |
roku_publishing_id |
The identities supported in the subject_identities
element in the opendsr.mparticle.com
extension are:
mpid
other
other2
other3
other4
other5
other6
other7
other8
other9
other10
mobile_number
phone_number_2
phone_number_3
HTTP/1.1 201 Created
Content Type: application/json
X-OpenDSR-Processor-Domain: opendsr.mparticle.com
X-OpenDSR-Signature:
[signature block]
{
"expected_completion_time":"2021-12-09T00:00:00Z",
"received_time":"2021-11-29T18:16:24.5568051Z",
"encoded_request":"<BASE64 ENCODED REQUEST>",
"subject_request_id":"a7551968-d5d6-44b2-9831-815ac9017798",
"controller_id": "3622"
}
GET /requests/{RequestID}
{
"controller_id": "3622",
"expected_completion_time": "2021-12-09T00:00:00Z",
"subject_request_id": "a7551968-d5d6-44b2-9831-815ac9017798",
"group_id": null,
"request_status": "pending",
"api_version": "3.0",
"results_url": null,
"extensions": null
}
Field Name | Data Type | Description |
---|---|---|
controller_id |
string | A unique ID representing the data controller. mParticles sets this to the workspace ID. |
expected_completion_time |
ISO 8601 date string | The estimated time by which the request will be fulfilled, in UTC. |
subject_request_id |
UUID v4 string | The controller-provided identifier of the request in a GUID v4 format. |
group_id |
string | The group_id can be used to relate different subject requests together. The maximum number of requests that can be associated to a group_id is 150. Groups are scoped to the workspace. |
request_status |
string | The status of the request. Possible values are pending , in_progress , completed and cancelled . |
api_version |
string | The API version for this request. The current version is 3.0 . |
results_url |
string | For Access/Portability requests, a download link to the request results data. This field contains null unless the request is complete. After a request completes, the results_url is valid for 7 days. After that time, attempting to access this URL results in a 410 Gone HTTP response. If no records can be found matching the identities in the request, a request returns a 404 error. |
extensions |
array | Extensions related to DSR forwarding. |
The extensions
element is a collection of information on the current state of sending the forwarding request per partner. The fields are:
Field Name | Data Type | Description |
---|---|---|
domain |
string | The domain of the partner. |
name |
string | The name entered when configuring the DSR configuration for the partner. |
status |
string | The current status of the forwarding request to the partner. |
status_message |
string | Additional details for the skipped and failed status. |
The status
field returns the current status of the forwarding request to the partner:
Status Value | Description |
---|---|
pending |
The request has been queued for forwarding. |
skipped |
Request was not forwarded due to missing identities. |
sent |
The request has been forwarded. |
failed |
The request could not be sent. For example, the request may have invalid credentials or partner API errors occurred. |
GET /requests?group_id={my-group}
The response is a collection of DSR subject requests that match the group_id
.
[
{
"controller_id": "3622",
"expected_completion_time": "2021-09-07T10:00:00.322652Z",
"subject_request_id": "a7551968-d5d6-44b2-9831-815ac9017798",
"group_id": "my-group",
"request_status": "pending",
"api_version": "3.0",
"results_url": null,
"extensions": null
},
{
"controller_id": "3622",
"expected_completion_time": "2021-09-06T10:15:00.259842Z",
"subject_request_id": "cab0a1fc-cfcd-475a-a2a5-e93eb060332f",
"group_id": "my-group",
"request_status": "pending",
"api_version": "3.0",
"results_url": null,
"extensions": null
}
]
DELETE /requests/{RequestID}
Cancels a request. This can only be done if the status of the request is pending
. The request is canceled in mParticle, but does not cancel the erasure
requests to any enabled output.
{
"expected_completion_time": null,
"received_time": "2018-05-16T17:35:58.3631375Z",
"subject_request_id": "a7551968-d5d6-44b2-9831-815ac9017798",
"controller_id": "3622"
}
Field Name | Data Type | Description |
---|---|---|
expected_completion_time |
ISO 8601 date string | An estimate of the time at which the request is expected to be fulfilled, in UTC. For a cancelled request, the value is null . |
received_time |
ISO 8601 date string | The time at which the cancellation request was received. |
subject_request_id |
string | The controller-provided identifier of the request. |
controller_id |
string | A unique ID representing the data controller. mParticles sets this to the workspace ID. |
GET /discovery/
The discovery endpoint allows you to programmatically check the request types and identity types supported by an OpenDSR provider.
{
"api_version": "3.0",
"supported_identities": [
{
"identity_type": "android_advertising_id",
"identity_format": "raw"
},
{
"identity_type": "android_id",
"identity_format": "raw"
},
{
"identity_type": "controller_customer_id",
"identity_format": "raw"
},
{
"identity_type": "email",
"identity_format": "raw"
},
{
"identity_type": "fire_advertising_id",
"identity_format": "raw"
},
{
"identity_type": "ios_advertising_id",
"identity_format": "raw"
},
{
"identity_type": "ios_vendor_id",
"identity_format": "raw"
},
{
"identity_type": "microsoft_advertising_id",
"identity_format": "raw"
},
{
"identity_type": "microsoft_publisher_id",
"identity_format": "raw"
},
{
"identity_type": "roku_advertising_id",
"identity_format": "raw"
},
{
"identity_type": "roku_publisher_id",
"identity_format": "raw"
}
],
"supported_subject_request_types": [
"access",
"erasure",
"portability"
],
"processor_certificate": "https://static.mparticle.com/dsr/opendsr_cert.pem"
}
When a request changes status, including when a request is first created, mParticle sends a callback POST to all URLs specified in the status_callback_urls
array of the request. Callbacks are queued and sent every 15 minutes.
Callback requests are signed and issued over TLS. You must validate the authenticity of the request before parsing the request body.
X-OpenDSR-Processor-Domain
header value is in your whitelist, fetch the certificate. The certificate URL is available as the value of "processor_certificate"
in the /discovery
response body. The certificate can be cached for the lifetime of the certificate.Validate the certificate. This should be handled by a library. Certificate validation should confirm that:
X-OpenDSR-Processor-Domain
header value.X-OpenDSR-Signature
header against the raw request body. mParticle uses SHA256 RSA as a signing algorithm.202 Accepted
status header if all validations are successful. Return a response with a 401 Unauthorized
status header if the signature fails to validate or the processor domain is not in your whitelist.POST /opendsr/callbacks HTTP/1.1
Host: opendsr.mparticle.com
Content Type: application/json
X-OpenDSR-Processor-Domain: opendsr.mparticle.com
X-OpenDSR-Signature:
[signature block]
{
"controller_id":"4308",
"expected_completion_time":"2018-05-31T16:27:28.679094Z",
"subject_request_id":"372fcd8b-d723-452e-ac60-36bd17372321",
"request_status":"pending",
"api_version":"3.0",
"results_url":null,
"extensions": null
}
The following errors may be returned by the API.
{
"code": 400,
"message": "Subject request already exists.",
"errors": [
{
"domain": "Validation",
"reason": "InvalidOperationException",
"message": "Subject request already exists."
}
]
}
Status Code | Retriable | Message |
---|---|---|
400 | No | Invalid data was detected |
400 | No | If an MPID is provided, it must be the only identity in the request. |
400 | No | Subject request already exists: subject_request_id is not unique. |
401 | No | The credentials provided in the request are not valid. Check the credentials used to authenticate.. |
404 | No | The specified subject request id could not be found. For Portability/Access requests, if no records can be found matching the identities in the request, a request to the download link to the request results will also return this error. |
409 | No | There is an in-progress request with the same identities, extensions and type. |
429 | Yes | Too many requests have been submitted. The Retry-After header indicates how long to wait before retrying again. Learn more about API throttling in Default Service Limits. |
Was this page helpful?