Overview
The Privacy Requests API allows partners to automate the processing of consumers’ Data Subject Access Requests related to data stored by ID5. The Data Deletion service handles deletion of any data associated with the consumer, if any.
- The first step is to POST the Data Deletion Request with the necessary information for ID5 to process it.
- The response to this request will contain a job ID that can then be queried using the Status API to see the status of the request.
Data Deletion Request
Example URL
https://api.id5-sync.com/partners/v1/{PARTNER}/privacy/requests/deletion?token={TOKEN}
Request Type
HTTP POST with JSON body
Request Headers
Content-Type: application/json; charset=UTF-8
Partner Number
The value {PARTNER} in the above example url will be replaced by an ID5-provided Partner Number. This value will be static for you once we set you up in our system. You may use the example URL above during testing with the Partner Number 173. If you haven't already been assigned a Partner Number, please contact us to request one.
Available Parameters
Querystring
| Name | Required | Description |
|---|---|---|
| token | x | A permanent security token provided by ID5. Please contact ID5 at [email protected] for your token. |
Request Body
| Name | Required | Description |
|---|---|---|
|
|
Email of the consumer that is requesting their data be deleted. Should be in plain text format or a sha256 hash of the email. sha256 should be calculated as per these guidelines. It is required to provide one of the fields: email, id5id, maid, partnerUid. | |
| id5id |
|
ID5 ID of the consumer that is requesting their data be deleted. Should be in encrypted (ID5*) or decrypted (ID5-) format. It is required to provide one of the fields: email, id5id, maid, partnerUid. |
| maid |
|
Mobile Advertising ID (either gaid or idfa) of the consumer that is requesting their data be deleted. Should be in text format, eg: 580d2b4c-29a5-7a7b-85dc-44132c023ac8. It is required to provide one of the fields: email, id5id, maid, partnerUid. |
| partnerUid |
|
Partner specific user ID - the same that is send in pd string under key 5. It is required to provide one of the fields: email, id5id, maid, partnerUid. |
| jurisdiction | x | The jurisdiction under which the request was made. See below for possible case-insensitive values |
| replyToEmail |
|
Plain text email to which a response message will be sent indicating the results of the request. If no value is provided, no confirmation email will be sent |
Possible jurisdiction values
- GDPR
- CCPA
Example Data Deletion Request
POST: https://api.id5-sync.com/partners/v1/173/privacy/requests/deletion?token=abc123
{
"email": "cd372fb85148700fa88095e3492d3f9f5beb43e555e5ff26d95f5a6adc36f8e6",
"id5id": "ID5*j0EDhnOeLA7GJ9KXt05cszkCOLRHRyqVRKNx4Wo9iEtZYPIcnd32YHQ9MjAOLR0UWWEhBhCvzGoO5pggW2pX3w",
"maid": "580d2b4c-29a5-7a7b-85dc-44132c023ac8",
"partnerUid": "a-123456789",
"jurisdiction": "GDPR",
"replyToEmail": "[email protected]"
}Data Deletion Response
Successful Response
HTTP Status Code
200 OK
Response Body
| Name | Description |
|---|---|
| id | The job ID of the Data Deletion Request |
Example Successful Response
{
"id": "a8b6ccc4ee35ddaf5a5bb0f5c696dbd3"
}Unsuccessful Response
Schema
{
"error": {
"code": "{CODE}",
"type": "{TYPE}"
"message": "{MESSAGE}",
}
}Error Descriptions
| HTTP Status Code | Code | Type | Message |
|---|---|---|---|
| 401 | api_token_invalid | authentication_error | No API token provided |
| 400 | partiner_id_invalid | authentication_error | Invalid partner id {PARTNER_ID} provided |
| 403 | api_token_not_authorized | authentication_error | Api token {TOKEN} does not have access to this resource |
| 400 | request_format_invalid | invalid_request_error | application/json; charset=UTF-8 POST required |
| 400 | request_format_invalid | invalid_request_error | Missing required JSON body |
| 400 | user_objects_invalid | validation_error | Missing required parameter 'jurisdiction' |
| 400 | user_objects_invalid | validation_error | Missing one of parameters: ['id5id', 'email', 'maid'] |
| 400 | user_objects_invalid | validation_error | Provided ID5ID [ID5ID] cannot be decrypted |
| 400 | user_objects_invalid | validation_error | Provided ID5ID [ID5ID] is not a valid one |
| 400 | user_objects_invalid | validation_error | Provided maid [MAID] is not a valid one |
| 403 | api_rate_limit_error | rate_limit_error | Limit of 1 request daily allowed per email has been reached |
| 403 | api_rate_limit_error | rate_limit_error | Limit of 1 request daily allowed per id5id has been reached |
| 403 | api_rate_limit_error | rate_limit_error | Limit of 1 request daily allowed per maid has been reached |
| 403 | api_rate_limit_error | rate_limit_error | Limit of 1 request daily allowed per partnerUid has been reached |
| 403 | api_rate_limit_error | rate_limit_error | Limit of 3,000 requests daily allowed per partner has been reached |
Example Unsuccessful Response
{
"error": {
"code": "api_token_invalid",
"type": "authentication_error"
"message": "No API token provided",
}
}
Status Request
Example URL
Request Type
HTTP GET
Available Parameters
URL Path
| Name | Required | Description |
|---|---|---|
| PARTNER | x | The Partner Number provided by ID5 used in the Data Deletion Request |
| PRIVACY_REQUEST_DELETION_JOB_ID | x | The id from the Data Deletion Request response body |
Querystring
| Name | Required | Description |
|---|---|---|
| token | x | A permanent security token provided by ID5. Please contact ID5 at [email protected] for your token. This is the same token as used in the Data Deletion Request |
Example Request
Status Response
Successful Response
HTTP Status Code
200 OK
Response Body
| Name | Description |
|---|---|
| id | The job ID of the Data Deletion request |
| jobStatus | The current status of the job. See below for possible values |
| processingResult | Result of processing the DSAR. See below for possible values |
| emailSentUnixTimestamp | Unix timestamp when reply-to email was sent. Will be null if no email was sent yet (because it was not processed yet or because there was no replyToEmail defined in the request) |
Possible jobStatus values
- CREATED
- STARTED
- FAILED
- DONE
- SENT
- SEND_FAILED
- CANCELLED
Possible processingResult values
- DELETE_DELETED
- DELETE_NO_DATA
- NONE
Example Successful Response
{
"id": "a8b6ccc4ee35ddaf5a5bb0f5c696dbd3",
"jobStatus": "SENT",
"processingResult": "DELETE_DELETED",
"emailSentUnixTimestamp": 1661933465437
}Unsuccessful Response
Schema
{
"error": {
"code": "{CODE}",
"type": "{TYPE}"
"message": "{MESSAGE}",
}
}
Error Descriptions
| HTTP Status Code | Code | Type | Message |
|---|---|---|---|
| 401 | api_token_invalid | authentication_error | No API token provided |
| 400 | partiner_id_invalid | authentication_error | Invalid partner id {PARTNER_ID} provided |
| 403 | api_token_not_authorized | authentication_error | Api token {TOKEN} does not have access to this resource |
| 400 | user_object_invalid | validation_error | provided job id is not a valid UUID |
| 404 | user_objects_invalid | invalid_request_error | provided job UUID not found |
| 500 | internal_id5_error | api_error | Internal error id: {ID} |
Example Unsuccessful Response
{
"error": {
"code": "user_object_invalid",
"message": "provided job UUID not found",
"type": "invalid_request_error"
}
}