Delete end-user consent data history

Sourcepoint offers your organization an API to delete consent records from its data storage to satisfy the end-user's right to be forgotten. This API can be called by server-side code or through a third-party service like Postman.

An end-user's consent information can be deleted using the consentUUID value.


API endpoint

Sourcepoint offers and API endpoint to allow your organization to delete an end-user's consent information using the consentUUID value.

The API endpoint to delete an end-user's consent information using consentUUID is:

https://sourcepoint.mgr.consensu.org/tcfv2/consent/v3/{__SITE_ID__}?consentUUID={__CONSENT_UUID__}

This API endpoint has two placeholders that need to be replaced with the correct values:

  • A property's site id {__SITE_ID__}
  • The cookie consentUUID {__CONSENT_UUID__}

  Note: The site id value can be found by selecting a property from the Dialogue dashboard and navigating to the browser address bar. The site id value will be shown in the browser address bar.

site_id.png

The consentUUID value can be retrieved from the first-party cookie consentUUID.


Example implementation

Your organization can call the API endpoint using a serve- side script or a third-party service like Postman.

Server-side script (PHP example) Using Postman

Your organization could use a server side script using code similar to the following PHP example to delete an end-user's consent status. You will need to provide the correct values for site id and consentUUID in the script.

<?php
    
$site_id = YYYY;
$consent_uuid = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX";
$api_endpoint = "https://sourcepoint.mgr.consensu.org/tcfv2/consent/v3/".$site_id."?consentUUID=".$consent_uuid;
$handle = curl_init($api_endpoint);
$fileHandle = fopen("delete_permission.json", "w");

/* If you encounter an 'SSL certificate problem: unable to get local issuer certificate' then enable the following two lines */
/* This is NOT recommended as a solution and should only be used as a quick and temporary fix */
//curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, 0);
//curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, 0); 

curl_setopt($handle, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_FILE, $fileHandle);

curl_exec($handle);

curl_close($handle);
fclose($fileHandle);

?>

API response

The API will return the following response if the request to delete the end-user's consent status history has been successful.

The JSON response
{
    "n": 1,
    "ok": 1,
    "deletedCount": 1
}

Furthermore, by calling the API command to request the end-user's consent status history the returned response should be empty. This is an additional check that the end-user's wish has been complied with.

Was this article helpful?
0 out of 0 found this helpful