Transcend

The Transcend Guide to Privacy

Welcome to the Transcend Docs. You'll find comprehensive guides and documentation to help you start working with Transcend as quickly as possible, as well as support if you get stuck. Let's jump right in!

Guides    API Reference

Authentication

All Transcend APIs require authentication, with two keys:

Security Tip: HTTPS only

All requests must be made over HTTPS. Requests not made over HTTPS will be rejected.

Transcend API Keys

On your Developer Settings tab → you can issue and manage API keys. Each API key can be assigned scopes that dictate what that API key is authorized to do.

Creating API Keys

When you want to use one of our API methods, you should issue a new API key on the Developer Settings tab →. Typically you only need one API key per server, and you can attach scopes to give that key a set of permissions. When you add a new Data Silo, you will have the option of issuing a new API key or assigning the scope for that data silo to an existing API key.

The Authorization Header

Every request must include a header: Authorization with the value of your API key.

Authorization: 
request.post('https://api.transcend.io/v0/data-subject-request', {
  headers: {
    Authorization: ''
  },
  body: {
  	...
  },
  json: true
});
req = urllib2.Request('https://api.transcend.io/v0/data-subject-request')
req.add_header('Content-Type', 'application/json')
req.add_header('Authorization', '')

Cycling API Keys

These API keys should be treated as secrets. They should never be committed to code and they should be cycled regularly. We will remind you when it is a good time to cycle your keys.

The simplest way to cycle a key is to do the following:

  1. Duplicate an existing key
  1. Swap out the new key for the old key in your next deployment
  2. Delete the old key

Security Tip: Never commit your API and cycle regularly

You should make sure you manage your API keys strictly. They should be kept in your private key store or environment variables.


Authentication


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.