Using the API for DSR Automation
These endpoints enable Transcend customers to complete an end-to-end DSR (such as ACCESS or ERASURE) on behalf of their users.
These endpoints can be used in combination with, or in lieu of, Configuring the Privacy Center.
This flow can be achieved end-to-end via four endpoints:
All of the examples below demonstrate how to access Transcend with our default encryption configuration: multi-tenant Sombra.
In order to use these endpoints with a self-hosted Sombra instance, add the x-sombra-authorization header to requests and change the base URL from https://multi-tenant.sombra.transcend.io to your gateway's URL.
Use this endpoint to initiate a data subject request.
When isSilent is set to true, the subject -> email field can be omitted. When this field is set to false, an email address is required in order to send the data subject updates about their DSR. |
Once a DSR has been submitted, it will take some time to complete. The status of the DSR can be accessed via the following endpoint.
Requests with a status of APPROVING, DOWNLOADABLE, or COMPLETED have finished compiling data across your integrations and have files available for download and review, if there are any. Requests can be marked as completed once in the COMPLETED state, or for requests that require a secondary action (e.g. erasure requests), once in the SECONDARY_COMPLETED state.
Once the status of the original DSR indicates there are files available to download, it is possible to get a list of these files for download.
Endpoint: Get the files to download
GET
/v1/data-subject-request/{id}/download-keysWith the downloadKey in hand, it is possible to download the files generated by the DSR.