Sourcepoint offers your organization an API to delete consent records from its data storage to satisfy the end-user's right to be forgotten. This API can be called by server-side code or through a third-party service like Postman.
An end-user's consent information can be deleted using the consentUUID value.
API endpoint
Sourcepoint offers and API endpoint to allow your organization to delete an end-user's consent information using the consentUUID value.
The API endpoint to delete an end-user's consent information using consentUUID is:
https://sourcepoint.mgr.consensu.org/tcfv2/consent/v3/{__SITE_ID__}?consentUUID={__CONSENT_UUID__}This API endpoint has two placeholders that need to be replaced with the correct values:
- A property's site id
{__SITE_ID__} - The cookie consentUUID
{__CONSENT_UUID__}
Note: The site id value can be found by selecting a property from the Dialogue dashboard and navigating to the browser address bar. The site id value will be shown in the browser address bar.
The consentUUID value can be retrieved from the first-party cookie consentUUID.
Example implementation
Your organization can call the API endpoint using a serve- side script or a third-party service like Postman.
Your organization could use a server side script using code similar to the following PHP example to delete an end-user's consent status. You will need to provide the correct values for site id and consentUUID in the script.
<?php
$site_id = YYYY;
$consent_uuid = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX";
$api_endpoint = "https://sourcepoint.mgr.consensu.org/tcfv2/consent/v3/".$site_id."?consentUUID=".$consent_uuid;
$handle = curl_init($api_endpoint);
$fileHandle = fopen("delete_permission.json", "w");
/* If you encounter an 'SSL certificate problem: unable to get local issuer certificate' then enable the following two lines */
/* This is NOT recommended as a solution and should only be used as a quick and temporary fix */
//curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, 0);
//curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_FILE, $fileHandle);
curl_exec($handle);
curl_close($handle);
fclose($fileHandle);
?>Your organization can use a third party service like Postman to delete an end-user's consent status.
Use the DELETE method and provide the correct API endpoint address and values for site id and consentUUID to delete an end-user's consent status.
API response
The API will return the following response if the request to delete the end-user's consent status history has been successful.
| The JSON response |
|
Furthermore, by calling the API command to request the end-user's consent status history the returned response should be empty. This is an additional check that the end-user's wish has been complied with.