MoEngage Docs

GDPR API

GDPR Request API allows you to operationalize the Rights of users as mentioned under GDPR

GDPR API ensures all the rights of users are created or updated for GDPR compliance. You can erase the personal data of specific users as defined under GDPR using the Erase API.

For more details on GDPR Compliance with MoEngage, refer to GDPR-Implementation.

GDPR API Endpoints

MoEngage supports multiple data centers with different dashboards and API endpoints. When you sign up with MoEngage, you will be assigned a particular data center and the relevant dashboard is displayed. Use the API endpoints associated with the data center.

For more information about your data center, contact [email protected]

You can find out which data center you are assigned to when you log in to the dashboard. The following table describes the dashboard URL and API endpoint associated with the data center.

Two versions of the dashboard URL and API endpoints are provided by MoEngage.

Data Centers and API Endpoints

Please note that we will continue to support both the old and new data API endpoints mentioned in the above section for foreseeable future but we recommend out customers to move to the new endpoints as soon as possible.

Syntax

New Version for different data centers

POST [https://api-01.moengage.com/v1/opengdpr_requests/<APP ID>]
POST [https://api-02.moengage.com/v1/opengdpr_requests/<APP ID>]
POST [https://api-03.moengage.com/v1/opengdpr_requests/<APP ID>]

Old Version for different data centers

POST https://api.moengage.com/v1/opengdpr_requests/
POST https://api-eu.moengage.com/v1/opengdpr_requests/
POST https://api-serv3.moengage.com/v1/opengdpr_requests/

👍

Support for Old and New Endpoints

Support for both old and new GDPR API endpoints will be available, but we recommend that you start using the new endpoints as soon as possible.

Required Parameters

app_id
Get the APP ID from the MoEngage dashboard under following path: ***Settings > App Settings > Account Settings > APP ID***.

Required Headers

Authentication

Erase API uses basic authentication to control access to your data.

Basic authentication sends a Base64-encoded string containing username and password for all API requests.

Username and password are available at Settings > APIs > DATA API Settings.

Do the following when you are using the API for the first-time authentication:

 1. Navigate to ***Settings > APIs > DATA API Settings***.

 2. Click Generate Key

 3. Save the details on the Data APIs settings page.
      User name - DATA API ID
      Password - DATA API KEY

For example, basic Authentication encodes a 'username:password' using base64 and prepends it with the string 'Basic '. The string is passed in the authorization header as follows:
{"Authorization":"Basic bmF2ZWVua3VtYXI6bW9lbmdhZ2U="}

Authentication is performed using a client like Postman as follows:

Content-Type Header

Content-Type header is mandatory and is set to 'application/json' as follows:

{"Content-Type": "application/json"}

Request body###APP ID Header

Get the APP ID from the MoEngage dashboard under the path: Settings > App Settings > Account Settings > APP ID and send in the header as follows:

{"MOE-APPKEY" :"<APP ID>"}

Request body

There is a max limit of 100kb per request.

Request Body Fields

Key

Description

Mandatory

request_type

This is used to request for GDPR details or request to erase the GDPR details

Yes

submitted_time

This identifies the time when the request was sent

Yes

identities

This provides the details of the user such as email address, phone number, and so on

Yes

api_version

This identifies the API version used to send the GDPR request.

Yes

id

This is the unique identifier of a registered user.

No

user_secondary_id

This is the secondary identifier of a registered user.

No

email

This is the user email of an unregistered user.

No

mobile

This is the user mobile of an unregistered user.

No

google_advertising_id

This is the android device GAID of an unregistered user.

No

advertising_identifier

This is the iOS device IDFA of an unregistered user

No

Response

Response is a JSON object.

GDPR request success

On a successful call, the response is as follows:

{
  "status": "success",
  "message": "Your request has been accepted and will be processed soon.",
  "request_id": "a7551968-d5d6-44b2-9831-815ac9017798"
}

Example

The following example describes the request to erase personal data.

{
 "request_type":"erasure",
 "submitted_time":"2018-10-05T15:00:00Z",
 "identities":[
   {
      "identity_type":"email",
      "identity_value":"[email protected]"
   }
 ],
 "api_version":"1.0"
}

Updated 3 months ago

GDPR API


GDPR Request API allows you to operationalize the Rights of users as mentioned under GDPR

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.