Trigger a DSR in Intercom

Introduction

Intercom offers the ability to create Custom Actions that can be used along with the Privacy API to automatically create and manage DSR Automation.

In this example, we will create a Custom Action that will submit an Erasure request upon receiving an Intercom ticket coming from the DSR submission service Mine.

In the works: The Data Rights Protocol

Transcend is working with Consumer Reports on a technical standard for securely sharing data rights requests between authorized agents and businesses.

Setup a Custom Action in Intercom

1. In the Intercom Settings, select the Integrations entry in the sidebar.
2. Select Integrations > Custom Actions, then Create action.
3. In the About section, add a Usage and Description.
4. Proceed to the Request section. For the API Endpoint field, use https://multi-tenant.sombra.transcend.io/v1/data-subject-request.
   • If you are running a self-hosted Sombra instance, change the base URL from https://multi-tenant.sombra.transcend.io to your gateway's URL, which can be found in your dashboard. You may also need to allow Intercom's IP ranges to your Sombra gateway.
5. Select POST for Method.
6. Create your API key in your Transcend dashboard, including the Submit New Data Subject Request scope.
   • More information on authentication to Transcend APIs can be found here.
7. Under Authentication, select New authentication token and create your Transcend Token. Input the following values:
   • Text as the Type
   • Bearer as the Token prefix
   • Authorization as the Key for request header
   • Your API key as the Token value
8. If you are hosting your own instance of Sombra, enter x-sombra-authorization for the Key for request header instead.
   • For the Token value, get your Sombra Bearer token API key and include the Bearer prefix.
   • If needed, rotate your API key:
   • Navigate to "Settings > Sombra" on your Admin Dashboard
   • Scroll to the "Hosted Sombra Keys" section
   • Click on the "Rotate Sombra Keys" button
   • Once the keys are finished rotating, you will be presented with your new INTERNAL_KEY.
   • You will need to copy it down, as it will be lost once the modal is closed.
   • After the modal closes, you will be redirected to the login page for the new keys to take effect.
9. Under HTTP Headers, you will see that the authentication token has already been added automatically. You will also need to include the content-type value.
   • Enter content-type as the Key and application/json as the Value.
10. Specify the body of the request under Request Body as described in the JSON Body for a Data Erasure Request section below.
11. Click Next to proceed to the Testing section. Enter a test email to check the Custom Action has been configured correctly. You should get a green tick and see the details of that request if the connection is validated with the API.

More information about Custom Actions in Intercom can be found here

The full documentation for Privacy API is located here

Create an Intercom Workflow

1. Go to the Automation in the sidebar and click on Workflows .
2. Select New workflow.
3. Choose Create from scratch and use the trigger Customer sends their first message.
4. Configure your Trigger rules. Enable Email as a Channel and add Audience rules that need to be met to activate the trigger. For our example of requests coming from Mine, you could create the rule Message Content contains powered by mine.
   • See this documentation for more information on building triggers for workflows.
5. Click Add step to define what should happen when the trigger fires.
   • Select Custom Action and select the custom action previously created.
   • Create any other steps to complete your workflow paths.
6. Save and set to live.

JSON Body for a Data Erasure Request

The code below is a simple example of JSON data required to create a Data Erasure ticket in Transcend.

If you are setting up a different type of DSR than Erasure, the type field values can be found here. Your subjectType can be found in the Privacy Request Settings, below the Action settings.

In this example, we mark emailIsVerified as false, so your data subject will receive an email confirmation before the DSR workflow can continue as if they submitted a request from the Privacy Center. Additional information on submitting DSRs, deleting, and more can be found here.

You can use the Intercom's selector to pass Intercom attribute values, such as Email in your request body.