Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

CommonRoom

Authentication & Authorization

Credentials

  • CommonRoom uses token-based authentication, allowing users to authenticate API requests by inputting their API tokens into the HTTP authorization bearer token header.
  • API Token can be obtained via CommonRoom account (see CommonRoom Connection Instructions).
  • Publicly exposing your API tokens can allow unauthorized access to the CommonRoom API endpoints, and your CommonRoom data by a third party. DataGrail stores your API tokens encrypted and protected.

Endpoints Utilized

DataGrail uses the following endpoint to validate that credentials are good based on a successful response:

  • GET https:​//api.commonroom.io/community/v1/api-token-status

Limits

  • CommonRoom imposes limits on API requests. Users who send many requests in quick succession may see error responses that show up as status code 429.
  • DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Access

For an access request, DataGrail will take the following actions:

  • Search Contact by email or socials. CommonRoom API supports search by identifiers for Twitter, GitHub and LinkedIn.
  • For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject in the "Pending Action" state on a Privacy Request.

Endpoints Utilized

  • GET https:​//api.commonroom.io/community/v1/members
note

DataGrail also supports the Direct Contact Access workflow for CommonRoom.

Deletion

For a deletion request, DataGrail will take the following actions:

  • Request Contact anonymization: request removal of all personally identifiable information (PII) for the Contact associated by this email address. This request will be processed asynchronously, deletion may not be performed immediately and may take up to 15 days. If customer has specified any of supported social media ID in the deletion request, then DataGrail tries to find Contact by this social media ID and then obtain its email address for anonymization, since CommonRoom API supports Contact anonymization by email address only.

  • Continuously repeat search contact by the Data Subject email to verify the deletion.

Endpoints Utilized

  • DELETE https:​//api.commonroom.io/community/v1/user/{email}

  • GET https:​//api.commonroom.io/community/v1/members

DataGrail also supports the Direct Contact Deletion workflow for CommonRoom.

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.