Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

mParticle

Authentication & Authorization

Credentials

  • mParticle Data Subject Request API uses Basic Authentication via Workspace Key and Workspace Secret.
  • mParticle Identity and Events API uses Basic Authentication via Web Key and Web Secret.
  • mParticle API credentials can be obtained in the mParticle dashboard. See mParticle Connection Instructions.
  • Publicly exposing your API credentials can allow unauthorized access to the mParticle API endpoints, and your mParticle data by a third party. DataGrail stores your API credentials encrypted and protected.

Scopes

All data in mParticle is organized in three tiers: an organization can contain one or more accounts, and each account can contain one or more workspaces. The workspace identity scope means that user profiles and known users are only required to be unique within the scope of a single workspace. The default identity scope is set to workspace. This helps to prevent any unwanted data corruption that could result from using API calls in multiple workspaces.

Data Subject Request API credentials are also issued at the level of an mParticle Workspace. This authentication is for a single workspace and scopes the DSR to this workspace only.

Events Base URL

The base URL for the mParticle Events API varies depending on the data localization region for your mParticle account.

For example, United States (US1) EVENTS_BASE_URL is:

  • https:​://s2s.mparticle.com

Endpoints Utilized

DataGrail uses the following endpoints to verify API connection:

  • GET https:​//opendsr.mparticle.com/v3/requests/0
  • POST https:​//{EVENTS_BASE_URL}/v2/events

Version

DataGrail mParticle integration currently supports:

  • Identity API Version 1 (v1)
  • Events API Version 2 (v2).
  • Data Subject Request API Version 3.

Limits

mParticle APIs have two types of rate limits in place to protect mParticle’s servers from high demand:

  • Speed: limits the rate of traffic.
  • Acceleration: limits the rate of increase of traffic.

DataGrail supports requests throttling to stay within 70-80% of specified service rate limits.

Access

For an access request, DataGrail will take the following actions:

  • Submit a Data Subject Request (DSR):
    • Regulation: gdpr.
    • Subject Request Type: access.
    • Subject identities includes the Data Subject email.
  • Start scheduling task for regular checking status of the submitted DSR.
  • Download requested results data by the download link (if found), when DSR status is completed.
  • For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.

DataGrail also supports the Direct Contact Access workflow for mParticle.

Endpoints Utilized

  • POST https:​//opendsr.mparticle.com/v3/requests
  • GET https:​//opendsr.mparticle.com/v3/requests/{request_id}
  • GET {results_url}

Deletion

For a deletion request, DataGrail will take the following actions:

DataGrail also supports the Direct Contact Deletion workflow for mParticle.

Endpoints Utilized

  • POST https:​//opendsr.mparticle.com/v3/requests
  • GET https:​//opendsr.mparticle.com/v3/requests/{request_id}
  • POST https:​//identity.mparticle.com/v1/search

Do Not Sell

For a Do Not Sell request, DataGrail will take the following actions:

Endpoints Utilized

  • POST https:​//identity.mparticle.com/v1/search
  • POST https:​//{EVENTS_BASE_URL}.mparticle.com/v2/events

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.