DPTK Connector API Configurations

DPTK can be extended to integrate GDPR tasks for retrieving and pseudonymizing PII from 3rd party applications.

This can be done via Connectors:

  1. Connectors are defined via a Java interface and can be added via DPTK configuration.
  2. They define retrieving and pseudonymizing logic for 3rdparty app.
  3. The typical way would be to communicate via GDPR relevant endpoints prepared on the 3rd party application (implemented via a Generic DPTK Connector).
  4. For specialized treatment new Java classes can be created based on interface to handle GDPR tasks accordingly for app

In order to cover 3rd-party data sources within DPTK, the asset provides a simple Connectors API. In general, the API targets two type of GDPR related requests:

  1. Data retrieval
  2. Data deletion / pseudonymization

Typical expected communication as an example:

ICXT:

Retrieve all personal data.

  • Method: POST
  • Content-Type: application/json
  • Payload Schema:
{

type: object,

properties: {

email: { type: string },

name: { type: string },

userId: { type: string },

guid: { type: string }

},

required: []

}
  • Payload sample:
{

email: some@PROF_MAIL.value,

name: some-PROF_DISPLAYNAME-value,

userId: some-PROF_UID-value,

guid: some-PROF_GUID-value

}
  • Expected Response (JSON Schema):
{

type: array,

items: {

type: object,

properties: {

source: { type: string },

type: { type: string },

id: { type: string },

title: { type: string },

text: { type: string },

updated: { type: number }

},

required: [id, title]

}

}
  • Response sample:
[ {

title : ICXT UserStore Mapping,

text : fadams@cnx.local=fadams@cnx.local,

id : icxt.userstore.mapping

}, {

title : ICXT UserStore Mapping,

text : fadams@cnx.local=fadams@cnx.local,

id : icxt.userstore.mapping

}, {

title : ICXT UserStore User,

text : User[userId=fadams, email=fadams@cnx.local, name=Frank Adams, userState=active, external=false, guid=d484c056-cf98-1036-97b9-c393f08f822e],

id : icxt.userstore.user

},

{

id: cnxcommunitiescommunity4.0.0,

title: EE360 Community,

text: Found 2 document(s) in content provider Community (cnxcommunitiescommunity4.0.0),

source: cnxcommunitiescommunity4.0.0

},

{

id: mentions-ofquestioncomments4.0.0,

title: EE360 Mentions-Question comment,

text: Found 1 document(s) with mentions for the user in content provider Question comment (ofquestioncomments4.0.0),

source: ofquestioncomments4.0.0

} ]

Retrieve profile data

  • Method: POST
  • Content-Type: application/json
  • Payload Schema:
{

type: object,

properties: {

email: { type: string },

name: { type: string },

userId: { type: string },

guid: { type: string }

},

required: []

}
  • Payload sample:
{

email: some@PROF_MAIL.value,

name: some-PROF_DISPLAYNAME-value,

userId: some-PROF_UID-value,

guid: some-PROF_GUID-value

}
  • Expected Response (JSON Schema):
{

type: object,

additionalProperties: { type: string }

}
  • Response sample:
{

last_name: adams,

display_name: Frank Adams,

picture: https://oasis.ibm-sba.com/profiles/photo.do?userid=e7399e2a-f734-1035-8dd9-515fb2b341ec,

phone: {

primary: 555-1128

},

connectionsUID: e7399e2a-f734-1035-8dd9-515fb2b341ec,

first_name: franz,

job_title: Lead Developer CX/XYZ,

email: fadams@greenwell.com

}

Pseudonymization profile data

  • Method: POST
  • Content-Type: application/json
  • Payload Schema:
{

type: object,

properties: {

profile: {

type: object,

properties: {

email: { type: string },

name: { type: string },

userId: { type: string },

guid: { type: string }

}

},

anonymize: {

type: object,

properties: {

additionalProperties: true

}

},

required: []

}
  • Payload sample:
{

profile: {

email: some@PROF_MAIL.value

},

anonymize: {

display_name: Anonymous

}

}

The payload includes the identifiers of the user in the same way as in the data retrieval request. The anonymize object can include any of the returned profile fields from the profile data request, mapped to the value that it should be overwritten with.

  • Expected Response (JSON Schema):
{

type: object,

additionalProperties: { type: string }

}
  • Response sample:
{

last_name: adams,

display_name: Anonymous,

picture: https://oasis.ibm-sba.com/profiles/photo.do?userid=e7399e2a-f734-1035-8dd9-515fb2b341ec,

phone: {

primary: 555-1128

},

connectionsUID: e7399e2a-f734-1035-8dd9-515fb2b341ec,

first_name: franz,

job_title: Lead Developer CX/XYZ,

email: fadams@greenwell.com

}

Return codes

  • 200: It's all good
  • 400: The request payload is not valid, or the the retrieval process ran into an error that is related to the input data.
  • 401: Unauthorized
  • 403: Forbidden
  • 415: Unsupported media type (e.g. request payload has not the correct data type application/json)
  • 500: It's all messed up