Profile Command API
The Profile Command API allows an organization to Opt Out on behalf their users.
- Removes the historical profile data from the user profile service.
- Future profile data will not be added to the user profile service.
- The client should continue to pass the same userid for the user. If they create a new userid then we will treat them as a new user.
For an organization to opt out on behalf of there users call of the profile command API, start with the following base URL.
https://{environment}.richrelevance.com/profile-command/{version}
Note: The URL requires the environment (gateway, staging-gateway or qa-gateway), version and parameter(s) to function properly. See below for more information on example URL requests.
OAuth Signature
POST {baseUrl}/oath2/token
Request an authorization bearer token by authenticating using your client credentials. The /oauth2/token endpoint must be called first to get a token that will give access to the other endpoints. Use the client id and secret sent to you by Algonomy. The response from this API will contain your token, which will be valid until it is manually revoked. The response will be provided as JSON.
On all requests to the product and catalog APIs, pass an "Authorization: bearer MY_TOKEN" header. When the token expires you will need to get a new one using your client id and secret again.
| Name | Required or Optional | Description |
|---|---|---|
| grant_type | Required (string) | The access token type. This is always client_credentials |
| client_id | Required (string) | The client's ID |
| client_secret | Required (string) |
Example
Request:
Substitute your client_id and client_secret in the placeholders of the example.
curl -X POST \ https://{environment}.richrelevance.com/profile-command/v1/oauth2/token \ -H 'Content-Type: application/x-www-form-urlencoded' \ -d 'grant_type=client_credentials&client_id={clientId}&client_secret={clientSecret}'
Good Response:
{
"token_type": "bearer",
"access_token": "AABBCCDD"
}
Error Response:
{
"error_description": "Invalid client authentication",
"error": "invalid_client"
}
or
{
"error_description": "Invalid grant_type",
"error": "unsupported_grant_type"
}
Client API Keys and Secrets
To create a client key and a client secret, contact your Algonomy team, who will make sure you have access to the Personalization Cloud dashboard. Your clientApiKey will be accessible through the dashboard, but the clientSecret is a specific value for the clientApiKey and will need to be communicated via email or phone.
Client secrets need to be kept secure. They should never be shared, and only ever passed via HTTPS.
Updating Opt Out
PUT {baseUrl}/optOut/{userId}
PUT: Enable or disable the opt out of a user with the given ID.
| Name | Required or Optional | Description |
|---|---|---|
| userId | Required (string) | A path parameter used to give the user Id the data is being sent on behalf. |
| type | Required (string) | "optOut" is the only value currently available. In the future other types of data will be able to be sent. |
| enableOptOut | Required (string) | Boolean value: true or false. "true" will opt the user out. "false" will opt them back in. |
Example
Request:
Substitute the userId in its placeholder and the access_token received from the oauth request in the "token" placeholder.
curl -X PUT \
https://{environment}.richrelevance.com/profile-command/v1/optOut/{userId} \
-H 'Authorization: Bearer {token}' \
-H 'Content-Type: application/json' \
-d '{
"type": "optOut",
"enableOptOut": true
}'
Good Response:
{}
Error Response:
{
"error_description": "The access token is invalid or has expired",
"error": "invalid_token"
}