Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Basecamp

Authentication & Authorization

Credentials

  • Basecamp API uses authentication with an OAuth2 Access Token in the Authorization request header field (which uses the Bearer authentication scheme to transmit the Access Token).

  • Client ID and Client Secret credentials can be obtained during the setup of the Basecamp application (see the help docs).

  • Publicly exposing your API credentials can allow unauthorized access to the Basecamp API endpoints, and your Basecamp data by a third party. DataGrail stores your API credentials encrypted and protected.

Permissions

“Basecamp 3” product should be selected in the OAuth application configuration (see the help docs).

Scopes

No special scopes required and used to connect API with related credentials.

Endpoints Utilized

  • Request authorization:

    • GET https://launchpad.37signals.com/authorization/new

  • Get and refresh access token:

    • POST https://launchpad.37signals.com/authorization/token

  • Verify authentication and get {{BASE_URL}}:

    • GET https://launchpad.37signals.com/authorization

Version

Basecamp integration currently supports version 3.

Limits

The rate limit restricts the total number of queries each Basecamp API client can run. DataGrail uses throttling rules to avoid rates faster than 50 requests per 10 seconds and 10000 requests per day.

Access

For an access request, DataGrail will take the following actions:

  • Fetch all people.

  • Select people whose email address matches the email from the Data Subject provided in the request and save as “contacts” objects.

  • If a people match is found:

    • Fetch all comments (with pagination and batch processing).

    • Select comments whose creator’s email address matches the email from the Data Subject provided in the request.

  • For “contacts” objects found, DataGrail will return the next available fields: “id”, “name”, “email_address”, “title”, “bio”, “created_at”, “updated_at”, “time_zone”, “avatar_url”, “company”.

  • For “comments” objects found, DataGrail will return the next available fields: “id”, “created_at”, “creator”, “title”, “url”, “content”.

  • You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.

Endpoints Utilized

  • GET {{BASE_URL}}/people

  • GET {{BASE_URL}}/projects/recordings

Deletion

DataGrail supports the Direct Contact Deletion workflow for Basecamp.

 

Need help?
If you have any questions, please reach out to your dedicated Account Manager or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.