1. Administration Guide
  2. Appendix: Managing User Information Through the Data Privacy Services

C Appendix: Managing User Information Through the Data Privacy Services

Retail Home deploys the Platform Data Privacy Services to manage user information recorded during operations. These services are available in the retail home environment under <namespace>/RetailAppsDataPrivServices.

Example

Retail Home deploys the Data Privacy Services to https://home.retail.us-ashburn-1.ocs.oraclecloud.com/rgbu-common-rhdev-dev99-rh/RetailAppsDataPrivServices

Authenticating with the Data Privacy Services

Calling the Data Privacy Services requires the role DATAPRIV_ADMINISTRATOR_REST_API_ROLE. Users with this role should generate an OAuth token and attach it in the Authorization header of requests.

Alternatively, the services can be authenticated against using the scope rgbu:rh:datapriv-RH-<environment>, where environment is the environment type and index (for example, rgbu:rh:datapriv-RH-STG1). An OAuth token generated for this scope can also be used in the Authorization header.

Getting User Information

To check whether information has been stored for a specific user, make a GET request to /RetailAppsDataPrivServices/rest/privatedata/user?customer_id=<username>, filling in the username for the customer_id parameter.

The call should have the following headers:

  • Authorization: Bearer <OAuth token>

  • Accept: application/json

The response will have the following form (if there are no records for the user, the sections will be empty):

{
  "User Information": {
    "list": [
      [
        {
          "USER_ID": "retail.user"
        }
      ],
      [
        {
          "USER_ID": "retail.user"
        }
      ]
    ]
  }
}

Deleting User Information

To replace all instances of a user’s name in the database with a dummy value, make a DELETE request to /RetailAppsDataPrivServices/rest/privatedata/user?customer_id=<username>::<dummy>, filling in the username for the customer_id parameter. The dummy string can be replaced with any other arbitrary string, which will replace the username in the database.

The call should have the following headers:

  • Authorization: Bearer <OAuth token>

A successful request returns an empty HTTP 200 response.