Submit multiple data subject requests in a single call. Each item targets a workflow configuration; request type and data subject class are derived from that config rather than specified in the request body.

The response returns the full created-request shape for each item in requests, including resolved partition and workflowConfig fields.

NOTE: This feature requires that you have migrated to workflows. See the Workflows quickstart guide.

POST

/v1/data-subject-request-bulk

In your request headers, pass authorization: Bearer <<token>>.

If you're self-hosting Sombra, also add the request header x-sombra-authorization: Bearer <<sombraInternalKey>>. You can read more about request authorization here.

Requires scope:

Submit New Data Subject Request

authorizationstring
An API key generated from the Transcend dashboard: https://app.transcend.io/infrastructure/api-keys.
x-sombra-authorizationstring
The Sombra internal key. This header is only needed for self-hosted Sombra gateways. See https://docs.transcend.io/docs/dsr-automation/api-integration/authentication#authenticating-to-sombra
content-typestring
Specify content-type: application/json for a JSON response from the Transcend API.

application/json

inputarray<object>(required)
One or more DSRs to submit.

Request Body Examples

Submit new Access DSR:

{
  "input": [
    {
      "workflowConfigId": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
      "attestedAuthContext": {
        "coreIdentifier": "id-123456789",
        "email": "user@example.com"
      }
    }
  ]
}

Submit new Access DSR with partition:

{
  "input": [
    {
      "workflowConfigId": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
      "attestedAuthContext": {
        "coreIdentifier": "id-123456789",
        "email": "user@example.com"
      },
      "partitionKey": "eu-west-1"
    }
  ]
}

Restart existing DSR with identifier strategy:

{
  "input": [
    {
      "workflowConfigId": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
      "requestId": "e096a801-75bd-4296-ae6a-7c2553510500",
      "restartIdentifierStrategy": "PRESERVE_ALL_VERIFICATIONS",
      "attestedAuthContext": {
        "coreIdentifier": "id-123456789",
        "email": "user@example.com"
      }
    }
  ]
}

Submit multiple DSRs:

{
  "input": [
    {
      "workflowConfigId": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
      "attestedAuthContext": {
        "coreIdentifier": "id-123456789",
        "email": "user@example.com"
      },
      "partitionKey": "eu-west-1"
    },
    {
      "workflowConfigId": "c3d4e5f6-a7b8-9012-cdef-123456789012",
      "attestedAuthContext": {
        "coreIdentifier": "id-987654321",
        "email": "other@example.com"
      }
    }
  ]
}

Submit new Erasure DSR with extra identifiers:

{
  "input": [
    {
      "workflowConfigId": "c3d4e5f6-a7b8-9012-cdef-123456789012",
      "attestedAuthContext": {
        "coreIdentifier": "id-123456789",
        "email": "user@example.com",
        "emailIsVerified": true,
        "attestedExtraIdentifiers": {
          "email": [
            {
              "value": "another-email@example.com"
            }
          ],
          "custom": [
            {
              "value": "mbrook",
              "name": "username"
            }
          ]
        }
      }
    }
  ]
}

200 (OK)

application/json

The requests were successfully submitted to Transcend to be processed. Each element of `requests` includes the resolved `partition` and `workflowConfig` for that item, along with `type` and `subjectType` derived from the workflow config.

Response Body

requestsarray<object>(required)

Response Body Examples

Sample response body:

{
  "requests": [
    {
      "id": "da13d328-3f9d-40d5-9312-9f4fcf3ad0d2",
      "status": "COMPILING",
      "type": "ACCESS",
      "subjectType": "customer",
      "email": null,
      "coreIdentifier": "id-123456789",
      "isSilent": false,
      "isTest": false,
      "replyToEmailAddresses": [],
      "country": null,
      "countrySubDivision": null,
      "partition": null,
      "attributeValues": [],
      "workflowConfig": {
        "id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
        "internalName": "GDPR Access Request",
        "workflowConfigType": "DSR",
        "workflowConfigVisibility": "PUBLISHED"
      },
      "link": "https://app.transcend.io/privacy-requests/incoming-requests/da13d328-3f9d-40d5-9312-9f4fcf3ad0d2"
    }
  ]
}

Sample response body with partition:

{
  "requests": [
    {
      "id": "da13d328-3f9d-40d5-9312-9f4fcf3ad0d2",
      "status": "COMPILING",
      "type": "ACCESS",
      "subjectType": "customer",
      "email": null,
      "coreIdentifier": "id-123456789",
      "isSilent": false,
      "isTest": false,
      "replyToEmailAddresses": [],
      "country": null,
      "countrySubDivision": null,
      "partition": {
        "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
        "name": "Production EU",
        "partition": "eu-west-1"
      },
      "attributeValues": [],
      "workflowConfig": {
        "id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
        "internalName": "GDPR Access Request",
        "workflowConfigType": "DSR",
        "workflowConfigVisibility": "PUBLISHED"
      },
      "link": "https://app.transcend.io/privacy-requests/incoming-requests/da13d328-3f9d-40d5-9312-9f4fcf3ad0d2"
    }
  ]
}

Multiple requests with mixed partitions:

{
  "requests": [
    {
      "id": "da13d328-3f9d-40d5-9312-9f4fcf3ad0d2",
      "status": "COMPILING",
      "type": "ACCESS",
      "subjectType": "customer",
      "email": null,
      "coreIdentifier": "id-123456789",
      "isSilent": false,
      "isTest": false,
      "replyToEmailAddresses": [],
      "country": null,
      "countrySubDivision": null,
      "partition": {
        "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
        "name": "Production EU",
        "partition": "eu-west-1"
      },
      "attributeValues": [],
      "workflowConfig": {
        "id": "b2c3d4e5-f6a7-8901-bcde-f12345678901",
        "internalName": "GDPR Access Request",
        "workflowConfigType": "DSR",
        "workflowConfigVisibility": "PUBLISHED"
      },
      "link": "https://app.transcend.io/privacy-requests/incoming-requests/da13d328-3f9d-40d5-9312-9f4fcf3ad0d2"
    },
    {
      "id": "e096a801-75bd-4296-ae6a-7c2553510500",
      "status": "COMPILING",
      "type": "ERASURE",
      "subjectType": "customer",
      "email": null,
      "coreIdentifier": "id-987654321",
      "isSilent": false,
      "isTest": false,
      "replyToEmailAddresses": [],
      "country": null,
      "countrySubDivision": null,
      "partition": null,
      "attributeValues": [],
      "workflowConfig": {
        "id": "c3d4e5f6-a7b8-9012-cdef-123456789012",
        "internalName": "GDPR Erasure Request",
        "workflowConfigType": "DSR",
        "workflowConfigVisibility": "PUBLISHED"
      },
      "link": "https://app.transcend.io/privacy-requests/incoming-requests/e096a801-75bd-4296-ae6a-7c2553510500"
    }
  ]
}

400 (Bad Request)

application/json

While this request passed authentication, the input is malformed. Please double-check that your code conforms to our API specification.

401 (Unauthorized)

application/json

There was a problem authenticating your request. This may be an issue with the Transcend API key ("authorization" header), or the Sombra API key ("x-sombra-authorization" header used for self-hosted gateways only).

413 (Request Entity Too Large)

application/json

The request body is too large. JSON and raw bodies must be less than 50MB. URL encoded bodies must be less than 30MB.

429 (Too Many Requests)

The request was throttled due to exceeding our rate limit. By default, all customers are limited to 100,000 requests per day, after which customers are allowed 60 requests per minute. You can increase this limit by contacting Transcend support.

Response Headers

Retry-Afterinteger
X-RateLimit-Limitinteger
X-RateLimit-Remaininginteger
X-RateLimit-Resetinteger

500 (Internal Server Error)

application/json

A 5xx error means there is either an issue with your self-hosted gateway, or a Transcend server is having issues. You check our system status at status.transcend.io. Please reach out to Transcend support if you're experiencing this error.

502 (Bad Gateway)

application/json

An upstream service on Transcend's side is having issues. You check our system status at status.transcend.io. Please reach out to Transcend support if you're experiencing this error.