Skip to main content

Profile Command API

The Profile Command API allows an organization to Opt Out on behalf their users.

  • Removes the historical profile data from the user profile service.
  • Future profile data will not be added to the user profile service.
  • The client should continue to pass the same userid for the user. If they create a new userid then we will treat them as a new user. 

For an organization to opt out on behalf of there users call of the profile command API, start with the following base URL.  


Note: The URL requires the environment (gateway, staging-gateway or qa-gateway), version and parameter(s) to function properly. See below for more information on example URL requests.

Description: Provide updates to the user profile in the user profile service (currently only implements opt out).

OAuth Signature

POST {baseUrl}/oath2/token

Request an authorization bearer token by authenticating using your client credentials. The /oauth2/token endpoint must be called first to get a token that will give access to the other endpoints. Use the client id and secret sent to you by Algonomy. The response from this API will contain your token, which will be valid until it is manually revoked. The response will be provided as JSON.

On all requests to the product and catalog APIs, pass an "Authorization: bearer MY_TOKEN" header. When the token expires you will need to get a new one using your client id and secret again.

Name Required or Optional Description
grant_type Required (string) The access token type. This is always client_credentials
client_id Required (string) The client's ID
client_secret Required (string)

A unique key to authorize a client app on behalf of the partner.

Example: clientSecret=wbhz6c41



Substitute your client_id and client_secret in the placeholders of the example.

curl -X POST \
  https://{environment} \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=client_credentials&client_id={clientId}&client_secret={clientSecret}'

Good Response:

"token_type": "bearer",
"access_token": "AABBCCDD"

Error Response: 

"error_description": "Invalid client authentication",
"error": "invalid_client"


"error_description": "Invalid grant_type",
"error": "unsupported_grant_type"

Client API Keys and Secrets

To create a client key and a client secret, contact your Algonomy team, who will make sure you have access to the Personalization Cloud dashboard. Your clientApiKey will be accessible through the dashboard, but the clientSecret is a specific value for the clientApiKey and will need to be communicated via email or phone.

Client secrets need to be kept secure. They should never be shared, and only ever passed via HTTPS.

Updating Opt Out

PUT {baseUrl}/optOut/{userId}

PUT: Enable or disable the opt out of a user with the given ID.

Name Required or Optional Description
userId Required (string) A path parameter used to give the user Id the data is being sent on behalf.
type Required (string) "optOut" is the only value currently available. In the future other types of data will be able to be sent.
enableOptOut Required (string) Boolean value: true or false. "true" will opt the user out. "false" will opt them back in.



Substitute the userId in its placeholder and the access_token received from the oauth request in the "token" placeholder.

curl -X PUT \
  https://{environment}{userId} \
  -H 'Authorization: Bearer {token}' \
  -H 'Content-Type: application/json' \
  -d '{
"type": "optOut",
"enableOptOut": true

Good Response:


Error Response:

"error_description": "The access token is invalid or has expired",
"error": "invalid_token"
  • Was this article helpful?