Segment Config

This documentation for the Segment Config integration describes the technical capabilities of this integration, including authorization, scopes/permissions, and utilized endpoints. For more information on how to integrate Segment Config, visit our connection instructions.

Version

This integration utilizes the Segment Config API v1beta.

Base URL

The base URL used for all Segment Config API endpoints:

https://platform.segmentapis.com/v1beta

---

Authentication & Authorization

The DataGrail Segment Config integration connects using token authentication which requires an API Key and Workspace Name.

Sensitive Credentials

Publicly exposing your API credentials can allow unauthorized access to Segment Config API endpoints by a third party. DataGrail stores your API credentials encrypted and protected.

Endpoints Utilized

DataGrail uses the following endpoints to authorize and test the connection:

Method	Endpoint	Purpose	Docs
GET	/workspaces	Validate credentials

Scopes

The Segment Config integration requires specific scopes that must be granted in order to function for a given capability.

Scope	Base	Deletion	System Detection
Workspace Owner > All Resources	✅	✅	✅

Base Scopes

All base scopes must be granted in order to connect the integration with DataGrail. The remaining scopes are only required if enabling those capabilities

---

Limits

Limits in Segment Config are calculated using the leaky bucket algorithm. All requests that are made after rate limits have been exceeded are throttled and an HTTP 429 Too Many Requests error is returned. Requests succeed again after enough requests have emptied out of the bucket.

• DataGrail supports requests throttling to stay within 70-80% of specified service rate limits.
• DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

---

Capabilities

Deletion

DataGrail's Segment Config integration provides Asynchronous (Whole Record) Deletion capabilities for the following supported identifier categories: Email and User ID.

Data Interactions

For Deletion requests, DataGrail will take the following actions:

1. Create a Suppress_With_Delete regulation on the configured workspace for all configured identifiers, which are included in an array in the user_id field.
2. Create a scheduling task to check the status of the submitted regulation.
3. The deletion request will remain in the "processing" status in DataGrail, until Segment erases the requested data.

Endpoints Utilized

Method	Endpoint	Purpose	Docs
GET	/workspaces/workspace/regulations	Fetch information about a previously submitted deletion regulation.
POST	/workspaces/workspace/regulations	Create a deletion regulation in the configured workspace.

---

System Detection

DataGrail provides continuous system detection, delivering a real-time inventory of your data assets.

Data Interactions

DataGrail's System Detection process runs once daily and reads object properties to detect new systems added in Segment:

1. Fetch list of the workspace's sources.
2. Fetch destinations for each detected source.
3. Extract the following fields for detected source and destination objects:
   • name
   • display_name
   • create_time
   • catalog_name
   • parent
   • enabled

Endpoints Utilized

Method	Endpoint	Docs
GET	/workspaces/workspace/destinations
GET	/workspaces/workspace/sources

---