Integrating Internal Systems (Token Based)
Capabilities
DataGrail's Internal Systems (Token Based) integration provides the following capabilities:
| Product | Capability | ||||
|---|---|---|---|---|---|
| Request Manager |
|
Before You Start
To successfully configure this integration, please ensure you have sufficient privileges:
- DataGrail User Role: Super Admin, Connections Manager
- Internal Systems (Token Based) User Role: Admin
Confirm that your deployment is securely configured:
- Network Ingress Rules: Allow inbound traffic only on port 443 (HTTPS) from DataGrail's VPC IP
52.36.177.91. All other sources should be denied access to this port.
Once configured, this integration will be added to all new privacy requests!
If requests are already being processed DataGrail, confirm the following before continuing:
- Testing has been completed
- Changes coordinated with your team
Connect to DataGrail
- In DataGrail, navigate to Integrations and select Configure New Integration to search for Internal Systems (Token Based).
- Enter an Integration Name that includes additional context like hosting platform and environment (e.g.
AWS Test us-west-2). - Under Enabled Identifiers, select only the applicable identifiers that the system is configured to receive. If you are unsure, only select
Email. - Enter the API Token you created for DataGrail to authenticate with the API.
- Enter the API Base URL to use for all API requests. It must begin with
https://(e.g.https://datagrail.acme.com). - Select the Data Retrieval behavior for deletions.
warning
When using Retrieve Data, the data reviewed may not be exactly what is deleted due to the access and deletion logic executing separately!
- Select Configure Integration to connect. If the connection was unsuccessful, review your cloud provider logs for error details and see below for additional troubleshoooting.
Next Steps
Now that you've successfully connected the integration, check out the following resources:
- Synchronous vs. Asynchronous Integrations
- Whole Record Deletion
- Access Request Lifecycle
- Deletion Request Lifecycle
Troubleshooting
If you are unable to successfully connect the integration, review these common troubleshooting steps:
Ensure that DataGrail is able to reach the service
After configuring the integration, DataGrail will make requests to the API. If you do not see a request in your application logs, check the following:
- In DataGrail, was the correct API Base URL entered?
- Within your infrastructure, check the perimeter logs (e.g. Application Load Balancer) to see if the request was received and forwarded to the service.
Check your application logs
If the request from DataGrail was received by the application, check your application logs for additional information:
- Confirm that the correct API Token was used to configure this integration in DataGrail.
- Confirm that the request was sent to a valid application endpoint.
Technical Details
| Access Type | Asynchronous |
|---|---|
| Deletion Type | Asynchronous (Whole Record) |
| Opt Out Type | Synchronous |
API Documentation
Learn more about this API implementation in our Internal Systems API Specification.
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.