GDPR Soap calls

butnariui673910

13-06-2018

Hello, I need to delete members  using soap calls. The GDPR documentation that I found is not very helpful : Campaign Classic - General Data Protection Regulation .

So I made a soap call like this :

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:nms:gdprRequest">

  <soapenv:Header/>

  <soapenv:Body>

    <urn:CreateRequestByName>

        <urn:namespaceName><![CDATA[privacyRequest5]]></urn:namespaceName>

        <urn:reconciliationValue><![CDATA[test@test.com]]></urn:reconciliationValue>

        <urn:type><![CDATA[access]]></urn:type>

        <urn:confirmDeletePending><![CDATA[true]]></urn:confirmDeletePending>

        <urn:id><![CDATA[3]]></urn:id>

    </urn:CreateRequestByName>

  </soapenv:Body>

</soapenv:Envelope>


I got this error : XTK-170019 Access denied. What I am doing wrong? As a remark my Soap action is nms:gdprRequest#CreateRequestByName

Thank you in advance!

Accepted Solutions (0)

Answers (6)

Answers (6)

Adhiyan

Employee

14-06-2018

Hi Bunariui,

This looks like the Public IP address needs to be whitelisted from where you are making the same call.

You can do a r/test for the instance for which you are doing the GDPR SOAP call and get the public IP from there. Then get that IP whitelisted in the instance.

Then the SOAP call should be going fine.


Regards,
Adhiyan

Adhiyan

Employee

14-06-2018

Hi Loana,

I don't see the instance endpoint here , but if you hit this url : http://<instance_name/r/test  , you should get something like this :

1508627_pastedImage_1.png

You can do this on the machine where POSTMAN is installed.

Also , you need to check if the session token in valid or not . This can be done by doing another simple soap call like get recipients etc.

Regards,

Adhiyan

butnariui673910

14-06-2018

Hello Adhiyan,
     But I'm using postman how can I get the public IP? I made the same call from my VM, where the ip is whitelisted for sure, there I got a NULL response.


Thanks in advance,
Ioana

butnariui673910

13-06-2018

Hi, Yes, I've added the privacy right to my operator. Also I added the session token to my envelope:              

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:nms:gdprRequest">

              <soapenv:Header/>

              <soapenv:Body>

                <urn:CreateRequestByName>

                    <urn:sessiontoken>___a0d42d6c-4124-4f04-929e-63bf1a89bdf6</urn:sessiontoken>

                    <urn:namespaceName><![CDATA[privacyRequest5]]></urn:namespaceName>

                    <urn:reconciliationValue><![CDATA[testioana@test.com]]></urn:reconciliationValue>

                    <urn:type><![CDATA[delete]]></urn:type>

                    <urn:confirmDeletePending><![CDATA[true]]></urn:confirmDeletePending>

                </urn:CreateRequestByName>

              </soapenv:Body>

          </soapenv:Envelope>

      I have the same result

davidk21713691

13-06-2018

Hi,

Did you use the logon method of xtk:session to get the headers? If yes, make sure the operator you're using have Privacy Data Right named right has been added.

This named right is required for Data Controllers in order for them to use privacy tools. This allows them to create new requests, track their evolution, use the API, etc.

1508017_pastedImage_1.png

Thanks

David