REST API PrivSec for RTBF

The RTBF feature of Cloud Compliance de-identifies personal data. Also, the records associated with related objects follow a certain hierarchy. In particular use cases where the RTBF feature needs to be invoked by an external system, Cloud Compliance offers a REST API interface.

This document explains how to invoke a mapping that is pre-configured via REST API using a JSON-based callout. The API auto-creates a PrevSec Requests and de-identifies the mentioned record as well as the associated records.

There are 2 REST APIs that are developed for this requirement:

1.  POST Request 1:

/services/apexrest/PCCC_DM/v1/privsec/createRTBF
     

Body 

{
“nameValuePair”: {
“FirstName”: “Sam”,
“LastName”: “Conway”,
“Email”: “samconway21@gmail.com”
},
“objectName”: “Contact”,
“mappingName”: “Contact De-Identification Mapping”,
“externalRequest”: “EXT1”,
“requestedDate”: “2022-06-30T23:59:59.000Z”,
“description”: “RTBF using PrivSec Request REST Call”,
“alwaysCreateRequest”: True,
“storeNameValuePair”: true,
“plannedProcessingDate”: “2022-07-15”,
“plannedDeletionDate”: “2022-07-30”,
“plannedAssociatedRecordsPurgeDate”: “2022-07-31”,
“batchSize”: 200

}

Here,

nameValuePair – The user can pass multiple fields in the form of name-value pair that Cloud Compliance will use to identify the record and perform RTBF.

objectName – Provide the object name on which the user wants to perform RTBF.

mappingName – Provide an Appropriate mapping name for the appropriate object.

externalRequest – When a request is triggered from an external system it records the ID of the request

requestedDate – Actual Date on which the RTBF request is initiated

Description – The user can provide a relevant description of the RTBF operation.

alwaysCreateRequest – alwaysCreateRequest (Boolean) default is false. True implies that a PrivSec request is created even if no record is found based on the nameValue pair. This is needed to support RTBF requests when SF pulls in data from other systems as well…and it is possible that the data subject is not found in SF.

storeNameValuePair – storeNameValuePair (Boolean) default is false. This may be needed by customers who may want to use this information through the Interface class to query other systems.

plannedAssociatedRecordsPurgeDate – the associated records with the PrivSec Request record will be deleted on the date which is mentioned in this field.

batchSize – Describes the number of records processed in batch

plannedProcessingDate  – The actual date on which the record will be processed and get de-identify.

plannedDeletionDate – The date on which the record will get deleted from the org after successful de-identification.

2. POST Request 2:

/services/apexrest/PCCC_DM/v1/privsec/getRTBF
 

Body 

{ “requestId” : “a0i5x00000BCqRSAA1″,”sendRequestDetails” : true }

Here,

requestId – A record id of PrivSec Request for which the user wants to get all details about RTBF. 

sendRequestDetails – If true, Cloud Compliance will return all the field details of processed records under RTBF in the form of JSON. 


Solution Steps – 

1. Navigate to a Salesforce record (Contact record in this example) that the user wants to perform RTBF on.

2. Copy all the necessary details that the user wants to pass in the body of the REST call in the form of name-value pair.

E.g. FirstName, LastName, Email, etc.

3. Navigate to a REST tool such as Salesforce’s developer workbench, Postman, Insomnia, etc. (This example uses Salesforce Developer Workbench) https://workbench.developerforce.com/restExplorer.php 

4. Navigate to the ‘REST Explorer’ utility within the workbench and select the “POST” method.

5. For the “POST” method, enter Cloud Compliance’s post-service URL.

/services/apexrest/PCCC_DM/v1/privsec/createRTBF

6. Provide all other necessary details in order to perform RTBF in the following JSON format in the request body.

{
“nameValuePair”: {
“FirstName”: “Sam”,
“LastName”: “Conway”,
“Email”: “samconway21@gmail.com”
},
“objectName”: “Contact”,
“mappingName”: “Contact De-Identification Mapping”,
“externalRequest”: “EXT1”,
“requestedDate”: “2022-06-30T23:59:59.000Z”,
“description”: “RTBF using PrivSec Request REST Call”,
“alwaysCreateRequest”: True,
“storeNameValuePair”: true,
“plannedProcessingDate”: “2022-07-15”,
“plannedDeletionDate”: “2022-07-30”,
“plannedAssociatedRecordsPurgeDate”: “2022-07-31”,
“batchSize”: 200

}

7. Click the “Execute” button to invoke the REST API

8. The REST API returns a RequestId and a success message(hasError: false) and the PrivSec Request gets created in the Org.

9. Users can also check the Raw Response of the result in the form of name-value pair by clicking on the link “Show Raw Response”. 

10. Now user can navigate to the record and can verify whether the record is de-identified or not.

11. Use the 2nd REST API to get the RTBF JSON using the RequestId.

12. Navigate to the ‘REST Explorer’ utility within the workbench and select the “POST” method.

13. For the “POST” method, enter Cloud Compliance’s post-service URL.

/services/apexrest/PCCC_DM/v1/privsec/getRTBF
       

14. Provide necessary details in order to get RTBF details in the following JSON format in the request body.

{ “requestId” : “a0W4L000000KmD0UAK”, “sendRequestDetails” : true }

15. Click the “Execute” button to invoke the REST API

16. The REST API returns the Status, Sub-Status, and all other important details of PrivSec Request.

17. Users can also check the Raw Response of the result in the form of name-value pair by clicking on the link “Show Raw Response”.