Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Zip

Authentication & Authorization

Credentials

  • Zip uses API key that is passed as Zip-Api-Key authorization header to allow access to the API.
  • API Key can be obtained via Zip account (see Zip Connection Instructions).
  • Publicly exposing your API keys can allow unauthorized access to the Zip API endpoints, and your Zip data by a third party. DataGrail stores your API keys encrypted and protected.

Permissions

API Keys may be assigned certain permissions that limit which API endpoints they can access. Zip API Key for DataGrail should be configured to allow certain API calls (see Zip Connection Instructions).:

  • User: Read only

  • Request: Read only

Endpoints Utilized

DataGrail uses the following endpoint to validate that credentials are good based on a successful response:

  • GET https:​//api.ziphq.com/users

Limits

  • Zip imposes limits on API requests. Users who send many requests in quick succession may see error responses that show up as status code 429.
  • DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Access

For an access request, DataGrail will take the following actions:

  • Search user by the email
  • Search requests by user ID of the requester
  • For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.

Endpoints Utilized

  • GET https:​//api.ziphq.com/users
  • GET https:​//api.ziphq.com/requests
note

DataGrail also supports the Direct Contact Access workflow for Zip.

Deletion

DataGrail supports only the Direct Contact Deletion workflow for Zip.

System Detection

DataGrail provides continuous system detection, delivering a real-time inventory of your data assets.

For an system detection requests, DataGrail will take the following actions:

note

The initial system detection request upon connection of the integration will fetch all available vendors, but subsequent requests will only fetch new and updated vendors.

Endpoints Utilized

  • GET https:​//api.ziphq.com/vendors

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.