/ Platform API
Platform API
    Chat Platform API v3
    Chat Platform API
    Chat Platform API
    Version 3
    Home
    /
    Chat
    /
    Platform API
    /
    Privacy

    Register a GDPR request

    Copy link

    Registers a specific type of GDPR request to comply with the GDPR's requirements.

    Note: Currently, Sendbird only provides options to delete and access user data. Features to address the right to restriction of processing and right to object will be available soon.

    HTTP request

    Copy link
    POST https://api-{application_id}.sendbird.com/v3/privacy/gdpr

    Request body

    Copy link

    The following table lists the properties of an HTTP request that this action supports.

    Properties
    OptionalTypeDescription

    action

    string

    Determines the type of a GDPR request. Acceptable values are access and delete. If set to access, Sendbird server generates a downloadable zip file containing the data of a user specified in the user_id property to comply with GDPR's right of access by the data subject. If set to delete, users specified in the user_ids property are permanently deleted from your Sendbird application to comply with GDPR's right to erasure of the data subject. (Default: delete)

    user_id

    string

    Specifies the unique ID of a user. This property should be specified when the value of the action property is set to access.

    user_ids[]

    array of strings

    Specifies an array of IDs of users. Up to 100 users can be processed at once. This property should be specified when the value of the action property is set to delete.

    channel_delete_option

    string

    Determines the scope of group channels to delete in addition to deleting users specified in the user_ids property. Acceptable values are the following:
    - do_not_delete (default): the specified users are deleted but the group channels they are in will remain.
    - 1_on_1: only 1-on-1 group channels the specified users are in will be deleted. (This option can be useful when eliminating spam users)
    - all: all group channels the specified users are in will be deleted.

    * This only works when the value of the action property is set to delete.

    accessdelete
    {
    "action": "access",
    "user_id": "Julia"
}

    Response

    Copy link

    If successful, this action returns information about the GDPR request in the response body.

    accessdelete
    # Status: 200 OK
{
    "request_id": "9812a469aa58471",
    "action": "access",
    "status": "scheduled",
    "user_id": "Julia",
    "created_at": 1565167921000
}

    In the case of an error, an error object is returned. A detailed list of error codes is available here.

    On this page
    HTTP requestRequest bodyResponse