Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Sailthru

Authentication & Authorization

Credentials

  • Sailthru connects via a shared-secret hash authentication mechanism where for each request DataGrail passes a unique signature (sig) value.

  • This signature is calculated using the company's unique API Key, Secret (see the help docs) and the unique parameter values DataGrail sends for the current request.

  • Publicly exposing your API credentials can allow unauthorized access to the Sailthru API endpoints, and your Sailthru data by a third party. DataGrail stores your API credentials encrypted and protected.

Permissions

For added security, Sailthru strongly recommends to restrict the list of IPs allowed to access API (see the help docs).

Scopes

No special scopes required and used to connect API with related credentials.

Endpoints Utilized

DataGrail calls the next endpoint to verify authentication and successful API connection:

DataGrail does not use this endpoint for any other purpose nor uses any of the data returned.

Limits

Sailthru API requests are subject to rate limits in order to provide a consistent, high-performance experience for all users, ensuring that no single source can overwhelm system resources. If a request exceeds the limit, the request is rejected with an HTTP response code of 429 (Too Many Requests).

DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Access

For an access request, DataGrail will take the following actions:

  • Search for a user whose ID matches the email from the Data Subject provided in the request.

  • If a user match is found:

    • Retrieve all campaigns by scheduled status method (with pagination and batch processing).

    • Search matching list value to the user’s lists.

    • Collect campaigns related to the user.

  • For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.

Endpoints Utilized

Deletion

For a deletion request, DataGrail will take the following actions:

  • Request a user be deleted.

  • Deleting a user permanently removes that user’s profile within Sailthru, including any associated records such as purchase and pageview information.

Endpoints Utilized

Do Not Sell

For Do Not Sell request, DataGrail will take the following actions:

  • Search for a user whose ID matches the email from the Data Subject provided in the request.

  • If a user match is found:

    • Analyze value of “optout_email” status.

    • Update user’s “optout_email” status according to the customer request.

Endpoints Utilized

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.