REST API PrivSec for Data Portability

Updated on March 20, 2023

‘Cloud Compliance – GDPR/CCPA Management Suite’ generates portability files that include personal data. 

For integration use cases where Portability needs to be invoked from an external system, Cloud Compliance offers a REST API interface.

This note explains how to invoke a pre-configured portability mapping via REST API using a JSON-based callout.

Capabilities

  • REST API-based Data portability.
  • REST API auto-creates a PrivSec Request record and generates PDF, CSV, Excel, and JSON files


There are 2 REST APIs that are developed for this requirement:
 

1.  POST Request 1:

/services/apexrest/PCCC_DM/v1/privsec/createPortability
       

Body 

{
"nameValuePair": {
"FirstName": "David",
"LastName": "Warner",
"Email": "davidwarner41@gmail.com"
},
"objectName": "Contact",
"mappingName": "Contact Portability Mapping Spoke1",
"externalRequest": "EXT117",
"requestedDate": "2021-01-31T23:59:59.000Z",
"description": "Port Data",
"alwaysCreateRequest": true,
"storeNameValuePair": true,
"plannedAssociatedRecordsPurgeDate": "2021-01-31",
"batchSize": 200
}

Here,

nameValuePair – The user can pass multiple fields in the form of name-value pair that Cloud Compliance will use to identify the record and perform Data Portability. Inserting either First Name, Last Name or email as a part of nameValuePair is mandatory. The values of this field cannot be kept as blank.

objectName – Provide the object name on which the user wants to perform Data Portability. Object name parameter is mandatory. The value of this field cannot be kept as blank.

mappingName – Provide an Appropriate mapping name for the appropriate object. Mapping name parameter is mandatory. The value of this field cannot be kept as blank.

externalRequest – When a request is triggered from an external system it records the ID of the request

requestedDate – Actual Date on which the Portability request is initiated. Requested Date parameter is mandatory. The value of this field cannot be kept as blank. Recommended date format is ”yyyy-mm-dd”

Description – The user can provide a relevant description of the Data Portability operation.

alwaysCreateRequest – alwaysCreateRequest (Boolean) default is false. True implies that a PrivSec request is created even if no record is found based on the name-value pair. This is needed to support Portability requests when SF pulls in data from other systems as well…and it is possible that the data subject is not found in SF.

storeNameValuePair – storeNameValuePair (Boolean) default is false. This may be needed by customers who may want to use this information through the Interface class to query other systems.

plannedAssociatedRecordsPurgeDate – The associated records with the PrivSec object record will be deleted on the date which is mentioned in this field.

batchSize – Describes the number of records processed in batch. Recommended batch size is 200.

2. POST Request 2:

/services/apexrest/PCCC_DM/v1/privsec/getPortability
     

Body 

{ "requestId" : "a0W4L000000Km3PUAS", "sendJSON" : true }

Here,

requestId – A record id of PrivSec Request for which the user wants to get all details about Data Portability. 

sendJSON  – If true, Cloud Compliance will return all the field details of the processed record under Data Portability in the form of JSON. 

Solution Steps – 
 

1. Navigate to a Salesforce record (Contact record in this example) that the user wants to perform Data Portability on.

2. Copy all the necessary details that the user wants to pass in the body of the REST call in the form of name-value pair.

E.g. FirstName, LastName, Email, etc.

3. Navigate to a REST tool such as Salesforce’s developer workbench, Postman, Insomnia, etc. (This example uses Salesforce Developer Workbench)

4. Navigate to the ‘REST Explorer’ utility within the workbench and select the “POST” method.

5. For the “POST” method, enter Cloud Compliance’s post-service URL.


    /services/apexrest/PCCC_DM/v1/privsec/createPortability             
  

6. Provide all other necessary details in order to perform Data Portability in the following JSON format in the request body.

{
"nameValuePair": {
"FirstName": "David",
"LastName": "Warner",
"Email": "davidwarner41@gmail.com"
},
"objectName": "Contact",
"mappingName": "Contact Portability Mapping Spoke1",
"externalRequest": "EXT117",
"requestedDate": "2021-01-31T23:59:59.000Z",
"description": "Port Data",
"alwaysCreateRequest": true,
"storeNameValuePair": true,
"plannedAssociatedRecordsPurgeDate": "2021-01-31",
"batchSize": 200
}

7. Click the “Execute” button to invoke the REST API

8. The REST API returns a RequestId and a success message(hasError: false) and the PrivSec Request gets created in the Org.

9. Users can also check the Raw Response of the result in the form of name-value pair by clicking on the link “Show Raw Response”. 

10. Use the 2nd REST API to get the Data Portability JSON using the RequestId.

Navigate to the ‘REST Explorer’ utility within the workbench and select the “POST” method.

11. For the “POST” method, enter Cloud Compliance’s post-service URL.
 

/services/apexrest/PCCC_DM/v1/privsec/getPortability
      

12. Provide necessary details in order to get Data Portability details in the following JSON format in the request body.

{ "requestId" : "a0W4L000000Km3PUAS", "sendJSON" : true }
  

13. Click the “Execute” button to invoke the REST API

14. The REST API returns the Status, Sub-Status, and all other important details of PrivSec Request.

15. Users can also check the Raw Response of the result in the form of name-value pair by clicking on the link “Show Raw Response”.