LiveIntent Privacy Management API (1.0.0)
The LiveIntent Privacy Management API is a programmatic interface enabling submission of data privacy requests to keep you compliant with privacy regulations, such as the the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), that provide rights to individuals by giving them control over the collection, processing, use, and deletion of their personal data.
If you are a partner of LiveIntent and your business operates within a jurisdiction covered by CCPA or GDPR, the LiveIntent Privacy Management API will help you implement privacy compliance into your workflows. The Privacy Management API lets you integrate with LiveIntent and submit the following data subject requests through the API:
- Opt-out (of sale): Restricts the collection and sharing of personal information or users.
- Delete/erase: Deletes collected personal information.
- Access/disclose: For internal use only. Provides personal user data report.
The Privacy Management API utilizes access tokens for request authentication. These access tokens grant you the necessary privileges to access the privacy API endpoints, allowing LiveIntent to identify the sender of a request and verify their access rights.
To get an access token, contact your account team at LiveIntent. Then use the provided access token as a bearer token in the Authorization header when sending request to any of the endpoints.
You can interact with the LiveIntent Privacy API as a partner, depending on the user categories you belong to on the LiveIntent ad exchange platform.
- Media Group: A Media Group can have multiple Publishers and Advertisers under it. As a Media Group, any operation you perform on LiveIntent Privacy API is a blanket operation reaching all the Publishers and Advertisers connected to your account id.
- Publisher: A Publisher can have a relationship with multiple Advertisers. As a Publisher that performs user privacy management operations, your operations are specifically for the publisherId and all related advertiserId.
- Advertiser: As an Advertiser, the user privacy management operations you perform are specific to your advertiserId.
- Global: For use by authorized third party agents submitting industry-wide privacy requests on behalf of consumers.
These user account categories are considered types of Account in the LiveIntent ad exchange platform. If you are new to LiveIntent and would like to learn more, please contact your account manager. If you need help setting up an appropriate partner account for your business, email our support team at support@liveintent.com.
Submit a request
This endpoint lets you submit RESTRICT, ERASURE, and ACCESS requests. To access any of the resources, get the access_token as described in the Authentication section, then call this endpoint by specifying an action. The submission of ACCESS requests is for internal use only. A request is considered valid if emailhashes set is not empty OR liveIntentFpcs set is not empty. If both emailHashes and liveItentFpcs are not empty, then the values are all considered as applied to the same, single data subject.
Authorizations:
Request Body schema: application/jsonrequired
| action required | string Enum: "RESTRICT" "ERASURE" "ACCESS" |
| jurisdiction | string Enum: "EU_PRIVACY" "US_PRIVACY" |
| callback | string For internal use only. Callback url that should be invoked when ACCESS request processing has been completed. |
| submitter | string Optional freeform string that may be used to describe the request submission. This value is simply logged with the request and no additional processing is applied. |
| emailHashes | Array of strings (EmailHash) An array of email hashes |
| liveIntentFpcs | Array of strings (Duid) An array of the liveIntent first party cookies (DUIDs) |
object or object or object or object |
Responses
Request samples
- Payload
{- "action": "RESTRICT",
- "jurisdiction": "EU_PRIVACY",
- "callback": "string",
- "submitter": "string",
- "emailHashes": [
- "string"
], - "liveIntentFpcs": [
- "string"
], - "scope": {
- "entity_type": "global"
}
}Response samples
- 202
- 401
- 403
- 500
{- "transactionId": "string"
}Submit a test request
This endpoint lets you submit RESTRICT, ERASURE, and ACCESS requests for testing. The correctness of submitted requests will be verified and the authority of the access_token to submit the type of request will be checked, but the requests will not be persisted. Submitted requests will have no effect on privacy related settings of the submitted hashes and will not lead to a report generation in case of ACCESS action. Responses will consist of randomly generated data. To access any of the resources, get the access_token as described in the Authentication section, then call this endpoint by specifying an action. A request is considered valid if emailhashes set is not empty OR liveIntentFpcs set is not empty. If both emailHashes and liveItentFpcs are not empty, then the values are all considered as applied to the same, single data subject.
Authorizations:
Request Body schema: application/jsonrequired
| action required | string Enum: "RESTRICT" "ERASURE" "ACCESS" |
| jurisdiction | string Enum: "EU_PRIVACY" "US_PRIVACY" |
| callback | string For internal use only. Callback url that should be invoked when ACCESS request processing has been completed. |
| submitter | string Optional freeform string that may be used to describe the request submission. This value is simply logged with the request and no additional processing is applied. |
| emailHashes | Array of strings (EmailHash) An array of email hashes |
| liveIntentFpcs | Array of strings (Duid) An array of the liveIntent first party cookies (DUIDs) |
object or object or object or object |
Responses
Request samples
- Payload
{- "action": "RESTRICT",
- "jurisdiction": "EU_PRIVACY",
- "callback": "string",
- "submitter": "string",
- "emailHashes": [
- "string"
], - "liveIntentFpcs": [
- "string"
], - "scope": {
- "entity_type": "global"
}
}Response samples
- 202
- 401
- 403
- 500
{- "transactionId": "string"
}Get a customer data report
For internal use only. This endpoint lets you download a report that you have already requested with the ACCESS request by providing the transactionId.
Authorizations:
path Parameters
| transactionId required | string (TransactionId) |
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
{- "action": "RESTRICT",
- "emailHashes": [
- "string"
], - "jurisdiction": "EU_PRIVACY",
- "scope": {
- "Global": { }
}, - "userId": 0,
- "callback": "string",
- "submitter": "string",
- "status": "SUBMITTED",
- "createdAt": "2019-08-24T14:15:22Z",
- "downloadUrl": "string",
- "transactionId": "string"
}Search Data Subject Requests
For internal use only. This endpoint lets you search for previously submitted Data Subject Requests.
Authorizations:
Request Body schema: application/jsonrequired
| emailHashes required | Array of strings (EmailHash) |
Responses
Request samples
- Payload
{- "emailHashes": [
- "string"
]
}Response samples
- 200
- 401
- 403
- 404
- 500
{- "results": [
- {
- "action": "RESTRICT",
- "emailHashes": [
- "string"
], - "jurisdiction": "EU_PRIVACY",
- "scope": {
- "Global": { }
}, - "userId": 0,
- "callback": "string",
- "submitter": "string",
- "status": "SUBMITTED",
- "createdAt": "2019-08-24T14:15:22Z",
- "transactionId": "string"
}
]
}