API Overview

Public API
GDPR-Service
Exported on 02/08/2020
GDPR-Service – Public API
– 2
Table of Contents
1 API Methods.......................................................................................................... 5
1.1 Standard.....................................................................................................................................5
1.2 Professional................................................................................................................................5
1.3 Enterprise ...................................................................................................................................5
1.4 adddomain .................................................................................................................................6
1.4.1 Request..................................................................................................................................................................... 6
1.4.2 Response .................................................................................................................................................................. 7
1.4.3 Example.................................................................................................................................................................... 7
1.5 addpath ......................................................................................................................................8
1.5.1 Request..................................................................................................................................................................... 8
1.5.2 Response .................................................................................................................................................................. 8
1.5.3 Example.................................................................................................................................................................... 9
1.6 cookiecollection.........................................................................................................................9
1.6.1 Request................................................................................................................................................................... 10
1.6.2 Response ................................................................................................................................................................ 10
1.6.3 Example.................................................................................................................................................................. 12
1.7 cookieinfobyname ...................................................................................................................13
1.7.1 Request................................................................................................................................................................... 13
1.7.2 Response ................................................................................................................................................................ 14
1.7.3 Example.................................................................................................................................................................. 14
1.8 domainlist.................................................................................................................................15
1.8.1 Request................................................................................................................................................................... 15
1.8.2 Response ................................................................................................................................................................ 16
1.8.3 Example.................................................................................................................................................................. 16
1.9 domainstatus ...........................................................................................................................17
1.9.1 Request................................................................................................................................................................... 17
1.9.2 Response ................................................................................................................................................................ 18
1.9.3 Example.................................................................................................................................................................. 19
1.10 joblist ........................................................................................................................................19
1.10.1 Request................................................................................................................................................................... 20
1.10.2 Response ................................................................................................................................................................ 20
1.10.3 Example.................................................................................................................................................................. 21
GDPR-Service – Public API
– 3
1.11 packagedetails .........................................................................................................................22
1.11.1 Response ................................................................................................................................................................ 23
1.11.2 Example.................................................................................................................................................................. 23
1.12 packagelist ...............................................................................................................................24
1.12.1 Request................................................................................................................................................................... 24
1.12.2 Response ................................................................................................................................................................ 26
1.12.3 Example.................................................................................................................................................................. 26
1.13 pathlist......................................................................................................................................28
1.13.1 Request................................................................................................................................................................... 28
1.13.2 Response ................................................................................................................................................................ 28
1.13.3 Example.................................................................................................................................................................. 29
1.14 report........................................................................................................................................30
1.14.1 Request................................................................................................................................................................... 30
1.14.2 Response ................................................................................................................................................................ 30
1.14.3 Example.................................................................................................................................................................. 31
1.15 scanstatus ................................................................................................................................33
1.15.1 Request................................................................................................................................................................... 33
1.15.2 Response ................................................................................................................................................................ 34
1.15.3 Example.................................................................................................................................................................. 34
1.16 signature...................................................................................................................................35
1.16.1 Request................................................................................................................................................................... 35
1.16.2 Request example.................................................................................................................................................... 35
1.16.3 Response ................................................................................................................................................................ 36
1.16.4 Example.................................................................................................................................................................. 36
1.17 signatureelementfilter.............................................................................................................37
1.18 signatureelementgroupcookiemapping.................................................................................38
1.19 token.........................................................................................................................................39
1.19.1 Request................................................................................................................................................................... 39
1.19.2 Response ................................................................................................................................................................ 40
1.19.3 Example.................................................................................................................................................................. 40
1.20 verify .........................................................................................................................................41
1.20.1 Request................................................................................................................................................................... 41
1.20.2 Response ................................................................................................................................................................ 42
1.20.3 Example.................................................................................................................................................................. 42
GDPR-Service – Public API
– 4
1.21 verifydomain ............................................................................................................................43
1.21.1 Request................................................................................................................................................................... 43
1.21.2 Response ................................................................................................................................................................ 44
1.21.3 Example.................................................................................................................................................................. 44
2 Glossary .............................................................................................................. 46
2.1 Conventions .............................................................................................................................46
2.2 Status Codes.............................................................................................................................46
GDPR-Service – Public API
API Methods – 5
1 API Methods
1.1 Standard
Reports CSV
get (timeragen, path, domain)
Package
Infos
List
Domain
Add
VerifyFile
Verify
Status
List
Pfade
Add
List
Scan
Status
initialize ( domain)
1.2 Professional
Reports PDF
get (timeragen, path, domain)
Graphs SVG
get ( timerange, path, domain )
Cookie
getCookie(byName)
Languages
Multilanguage
1.3 Enterprise
Scan
realtime
Statistics CSV / PDF (soon)
get ( timerange, path, domain )
GDPR-Service – Public API
API Methods – 6
Signet (like trustedshops)
get (Domain)
Competitor
J
1.4 adddomain
Allows for domain registration. The domain will be added to the most recent non-expired purchased package. The
amount of domains which can be registered is limited by the purchased package.
1.4.1 Request
Method URL
POST
adddomain/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY domain string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain to be registered.
1 https://api.gdpr-service.com
2 http://www.test1.de
GDPR-Service – Public API
API Methods – 7
1.4.2 Response
200 {
"domain": "https://www.yourdomainhere.com",
"packagegroup": 1
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.4.3 Example
GET /adddomain HTTP/1.1
Host: api.gdpr-service.com
1
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
adddoma
in
Bearer
Token
SHA1 -
LicenseKey
PO
ST
{
"domain": "www.
test1.de
2
"
}
Header: 200 Done
{
"domain": "https://
www.yourdomainhere.com",
"packagegroup": 1
}
---
GDPR-Service – Public API
API Methods – 8
1.5 addpath
Allows for URI/path registration. The path will be attached to the most recent non-expired purchased package. The
amount of paths which can be registered is limited by the purchased package.
1.5.1 Request
Method URL
POST
addpath/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY domain string
BODY path
string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
body: path
The path/URI to be registered, bind by domain.
1.5.2 Response
200
{
"packagegroup": 2,
"domain": "mywebsite.com
3
",
4 https://api.gdpr-service.com
5 http://mywebsite.com
GDPR-Service – Public API
API Methods – 9
"path": "contact-me/?some=param"
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.5.3 Example
POST /adddomain HTTP/1.1
Host: api.gdpr-service.com
4
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
addpath Bearer
Token
SHA1 -
LicenseKey
PO
ST
{
"domain": "https://
www.yourdomainhere.com
",
"path": "contact-me/?
some=param"
}
Header: 200 Done
{
"packagegroup": 2,
"domain": "mywebsite.com
5
",
"path": "contact-me/?some=param"
}
---
1.6 cookiecollection
Authenticate the user with the system and obtain the auth_token
6 http://track.adform.net/
GDPR-Service – Public API
API Methods – 10
1.6.1 Request
Method URL
GET cookiecollection/
Type Params Values
HEAD api_key string
HEAD Accept string
GET domain string
GET locale string
api_key
api_key must be sent with all client requests. The api_key helps the server to validate the request source.
accept
contains api version string and vendor MIME media types
1.6.2 Response
Status Response
200 {
"cookielist":[
  {
"cookie_host":"track.adform.net
6
",
"cookie_name":"C",
"cookie_path":"/",
"cookie_persistent":1,
"cookie_secure":0,
"cookie_https_only":0,
"cookie_priority":1,
"expire_utc":13220260100727812,
"creation_utc":13217668100727216,
"classification": "unknown",
"cookie_group": "essential",
"description": {
GDPR-Service – Public API
API Methods – 11
Status Response
"de_DE": "Text in Deutsch",
"en_US": "Text in Englisch"
}
  },
  {
    ...
  }
  ]
}
200 {
  "auth_key": <auth_key>
}
auth_key (string) - all further API calls must have this key in
header
403 {"error":"API key is missing."}
400 {"error":"Please provide username."}
400 {"error":"Please provide password."}
401 {"error":"Invalid API key."}
401 {"error":"Incorrect username or password."}
500 {"error":"Something went wrong. Please try again later."}
7 https://api.gdpr-service.com
8 http://www.test1.de
9 http://track.adform.net
GDPR-Service – Public API
API Methods – 12
1.6.3 Example
GET /cookiecollectionHTTP/1.1
Host: api.gdpr-service.com
7
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
EndPoi
nt
Auth M
e
t
h
o
d
Payload Response Description
cooki
ecoll
ectio
n
Bearer
Token
SHA1 -
Licens
eKey
P
O
S
T
{
"domain":
"
www.test1.
de
8
",
"locale":
[
"de_DE",
         
"en_US"
]
}
Header: 200 Done
{
 "cookielist": [
 {
  "cookie_host":
"track.adform.net
9
",
  "cookie_name": "C",
  "cookie_path": "/",
  "cookie_persistent": 1,
  "cookie_secure": 0,
  "cookie_https_only": 0,
  "cookie_priority": 1,
  "expire_utc":
13220260100727812,
  "creation_utc":
13217668100727216,
 "classification": "unknown",
  "cookie_group": "essential",
  "description": {
   "de_DE": "Text in
Deutsch",
   "en_US": "Text in
Englisch"
  }
 },
 ...
 ]
}
API Endpoint for get all
Cookies per Domain
GDPR-Service – Public API
API Methods – 13
---
1.7 cookieinfobyname
Allows for URI/path registration. The path will be attached to the most recent non-expired purchased package. The
amount of paths which can be registered is limited by the purchased package.
1.7.1 Request
Method URL
POST
cookieinfobyname/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY name string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: name
The cookie name in which information will be fetched.
10 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 14
1.7.2 Response
200 {
"cname": "__cfduid",
"descriptionEN": "Cookie assoiated with sites using CloudFlare, used to speed up page load times.
According to CloudFlare it is used to override any security restrictions based on the IP address the
visitor is coming from. It does not contain any user identification information. ",
"cgroup": "Strictly Necessary",
"descriptionDE": "Cookie, das mit Sites, die CloudFlare verwenden, assoiiert wird, um die
Seitenladezeiten zu beschleunigen. Nach CloudFlare wird es verwendet, um alle
Sicherheitseinschränkungen basierend auf der IP-Adresse, die der Besucher kommt von zu
überschreiben. Sie enthält keine Informationen zur Benutzeridentifikation. "
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.7.3 Example
GET /cookieinfobyname
HTTP/1.1
Host: api.gdpr-service.com
10
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
GDPR-Service – Public API
API Methods – 15
Endpoi
nt
Auth M
et
ho
d
Payload Response
cookiei
nfobyna
me
Bearer
Token
SHA1 -
LicenseKey
PO
ST
?name=cookiename Header: 200 Done
{
"cname": "__cfduid",
"descriptionEN": "Cookie assoiated with sites
using CloudFlare, used to speed up page load
times. According to CloudFlare it is used to
override any security restrictions based on
the IP address the visitor is coming from. It
does not contain any user identification
information. ",
"cgroup": "Strictly Necessary",
"descriptionDE": "Cookie, das mit Sites, die
CloudFlare verwenden, assoiiert wird, um die
Seitenladezeiten zu beschleunigen. Nach
CloudFlare wird es verwendet, um alle
Sicherheitseinschränkungen basierend auf
der IP-Adresse, die der Besucher kommt von
zu überschreiben. Sie enthält keine
Informationen zur Benutzeridentifikation. "
}
---
1.8 domainlist
Allows for URI/path registration. The path will be attached to the most recent non-expired purchased package. The
amount of paths which can be registered is limited by the purchased package.
1.8.1 Request
Method URL
GET domainlist/
11 http://stiefelparadies.de
12 http://stackoverflow.com
GDPR-Service – Public API
API Methods – 16
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
1.8.2 Response
200 [
{
"domain": "stiefelparadies.de
11
",
"creation": "2019-12-09T11:00:00.000Z",
"last_update": "2019-12-10T13:23:59.000Z",
"packagegroup": 1
},
{
"domain": "stackoverflow.com
12
",
"creation": "2019-12-09T10:59:54.000Z",
"last_update": "2019-12-09T13:12:40.000Z",
"packagegroup": 1
},
...
]
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.8.3 Example
GET /domainlist
13 https://api.gdpr-service.com
14 http://stiefelparadies.de
15 http://stackoverflow.com
GDPR-Service – Public API
API Methods – 17
HTTP/1.1
Host: api.gdpr-service.com
13
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
domainl
ist
Bearer
Token
SHA1 -
LicenseKey
GE
T
Header: 200 Done
[
{
"domain": "stiefelparadies.de
14
",
"creation": "2019-12-09T11:00:00.000Z",
"last_update": "2019-12-10T13:23:59.000Z",
"packagegroup": 1
},
{
"domain": "stackoverflow.com
15
",
"creation": "2019-12-09T10:59:54.000Z",
"last_update": "2019-12-09T13:12:40.000Z",
"packagegroup": 1
},
...
]
---
1.9 domainstatus
Allows customers to get the status for a given domain.
1.9.1 Request
Method URL
GET domainstatus/
16 http://mywebsite.com
GDPR-Service – Public API
API Methods – 18
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY domain string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
1.9.2 Response
200 {
"domain": "mywebsite.com
16
",
"creation": "2019-12-13T10:07:05.000Z",
"has_screenshot": false,
"verified": true,
"packagegroup": 2,
"total_registered_paths": 3,
"total_registered_domains": 3,
"max_allowed_domains": 3,
"max_allowed_paths": 20
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
17 https://api.gdpr-service.com
18 http://mywebsite.com
GDPR-Service – Public API
API Methods – 19
1.9.3 Example
GET /domainstatus HTTP/1.1
Host: api.gdpr-service.com
17
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
domains
tatus
Bearer
Token
SHA1 -
LicenseKey
GE
T
?domain=https://
domain.com
Header: 200 Done
{
"domain": "mywebsite.com
18
",
"creation": "2019-12-13T10:07:05.000Z",
"has_screenshot": false,
"verified": true,
"packagegroup": 2,
"total_registered_paths": 3,
"total_registered_domains": 3,
"max_allowed_domains": 3,
"max_allowed_paths": 20
}
---
1.10 joblist
Allows customers to get the list of all registered paths for a given domain.
19 http://stiefelparadies.de
20 http://stackoverflow.com
GDPR-Service – Public API
API Methods – 20
1.10.1 Request
Method URL
GET
joblist/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
1.10.2 Response
200 {
"count": 21,
"list": [
{
"hash": "5346219332aa0ba0ebec3ea8f459f1dfea02609c",
"domain": "stiefelparadies.de
19
",
"packagegroup": 1,
"creation": "2019-12-12T07:30:14.000Z"
},
{
"hash": "8146ddecfe7e17fb28aa0b8f88f41a89b8d9f378",
"domain": "stackoverflow.com
20
",
"packagegroup": 1,
"creation": "2019-12-12T07:28:10.000Z"
},
21 https://api.gdpr-service.com
22 http://stiefelparadies.de
23 http://stackoverflow.com
GDPR-Service – Public API
API Methods – 21
...
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.10.3 Example
GET /joblist
HTTP/1.1
Host: api.gdpr-service.com
21
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoin
t
Auth Met
hod
Payload Response
joblist Bearer
Token
SHA1 -
LicenseKey
GET Header: 200 Done
{
"count": 21,
"list": [
{
"hash":
"5346219332aa0ba0ebec3ea8f459f1dfea0
2609c",
"domain": "stiefelparadies.de
22
",
"packagegroup": 1,
"creation": "2019-12-12T07:30:14.000Z"
},
{
"hash":
"8146ddecfe7e17fb28aa0b8f88f41a89b8d
9f378",
"domain": "stackoverflow.com
23
",
"packagegroup": 1,
"creation": "2019-12-12T07:28:10.000Z"
},
GDPR-Service – Public API
API Methods – 22
...
}
---
1.11 packagedetails
Get the details of a package by id.
Request
Method URL
GET
packagedetails/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY packagegroup string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
24 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 23
1.11.1 Response
200 {
"details": {
"packagegroup": 1,
"orderid": 123456789,
"packagename": "GDPR Service 2",
"scaninterval": "1D",
"expire": 1604589419,
"realtimeavailable": 1,
"statisticgraphavailable": 1,
"cookiecountryoriginavailable": 1,
"maxuri": 20,
"maxdomain": 3
}
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.11.2 Example
GET /packagedetails HTTP/1.1
Host: api.gdpr-service.com
24
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
25 https://domain.com
GDPR-Service – Public API
API Methods – 24
Endpoi
nt
Auth M
et
ho
d
Payload Response
package
details
Bearer
Token
SHA1 -
LicenseKey
GE
T
?packagegroup=1
25
Header: 200 Done
{
"details": {
"packagegroup": 1,
"orderid": 123456789,
"packagename": "GDPR Service 2",
"scaninterval": "1D",
"expire": 1604589419,
"realtimeavailable": 1,
"statisticgraphavailable": 1,
"cookiecountryoriginavailable": 1,
"maxuri": 20,
"maxdomain": 3
}
}
---
1.12 packagelist
Get the list of all purchased packages regardless or expire date.
1.12.1 Request
Method URL
GET
packagelist/
GDPR-Service – Public API
API Methods – 25
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
GDPR-Service – Public API
API Methods – 26
1.12.2 Response
200 {
"totalpackages": 4,
"packages": [
{
"packagegroup": 1,
"orderid": 123456789,
"packagename": "GDPR Service 2",
"scaninterval": "1D",
"expire": 1604589419,
"realtimeavailable": 1,
"statisticgraphavailable": 1,
"cookiecountryoriginavailable": 1,
"maxuri": 20,
"maxdomain": 3
},
{
"packagegroup": 2,
"orderid": 321654,
"packagename": "GDPR Service 2",
"scaninterval": "1D",
"expire": 1604589419,
"realtimeavailable": 1,
"statisticgraphavailable": 1,
"cookiecountryoriginavailable": 1,
"maxuri": 20,
"maxdomain": 3
},
...
]
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.12.3 Example
GET /packagelist
26 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 27
HTTP/1.1
Host: api.gdpr-service.com
26
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoin
t
Auth Met
hod
Payload Response
packagelist Bearer
Token
SHA1 -
LicenseKey
GET Header: 200 Done
{
"totalpackages": 4,
"packages": [
{
"packagegroup": 1,
"orderid": 123456789,
"packagename": "GDPR Service 2",
"scaninterval": "1D",
"expire": 1604589419,
"realtimeavailable": 1,
"statisticgraphavailable": 1,
"cookiecountryoriginavailable": 1,
"maxuri": 20,
"maxdomain": 3
},
{
"packagegroup": 2,
"orderid": 321654,
"packagename": "GDPR Service 2",
"scaninterval": "1D",
"expire": 1604589419,
"realtimeavailable": 1,
"statisticgraphavailable": 1,
"cookiecountryoriginavailable": 1,
"maxuri": 20,
"maxdomain": 3
},
...
]
}
---
27 http://mywebsite.com
GDPR-Service – Public API
API Methods – 28
1.13 pathlist
Allows customers to get the list of all registered paths for a given domain.
1.13.1 Request
Method URL
GET pathlist/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY domain string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
1.13.2 Response
200 {
"domain": "mywebsite.com
27
",
"total_paths": 1,
"path_list": [
{
"uri": "contact.html?some=param",
"creation": "2019-12-13T12:07:54.000Z",
"packagegroup": 2,
"totalcookies": 0
},
...
28 https://api.gdpr-service.com
29 http://mywebsite.com
GDPR-Service – Public API
API Methods – 29
]
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.13.3 Example
GET /pathlist HTTP/1.1
Host: api.gdpr-service.com
28
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
pathlis
t
Bearer
Token
SHA1 -
LicenseKey
GE
T
?domain=https://
domain.com
Header: 200 Done
{
"domain": "mywebsite.com
29
",
"total_paths": 1,
"path_list": [
{
"uri": "contact.html?some=param",
"creation": "2019-12-13T12:07:54.000Z",
"packagegroup": 2,
"totalcookies": 0
},
...
]
}
---
GDPR-Service – Public API
API Methods – 30
1.14 report
Get cookie list from provided domain and URI by date range.
1.14.1 Request
Method URL
GET report/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY domain string
BODY uri string
BODY from string
BODY to string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
1.14.2 Response
200 {
{
"total": 36,
"cookies": [
{
"chost": "track.adform.net
30
",
31 http://doubleclick.net
32 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 31
"cname": "C",
"cpath": "/",
"csecure": 0,
"cpersistent": 0,
"httponly": 0,
"cpriority": 0,
"expireutc": 1579180320,
"creationutc": 1576501920,
"jobdate": "2019-12-16T12:14:14.000Z",
"packagegroup": 2,
"descriptionEN": null,
"descriptionDE": null
},
{
"chost": "doubleclick.net
31
",
"cname": "IDE",
"cpath": "/",
"csecure": 0,
"cpersistent": 0,
"httponly": 1,
"cpriority": 0,
"expireutc": 1610197920,
"creationutc": 1576501920,
"jobdate": "2019-12-16T12:14:14.000Z",
"packagegroup": 2,
"descriptionEN": "This cookie carries out information about how the end user uses the website and
any advertising that the end user may have seen before visiting the said website.\r\n",
"descriptionDE": "Dieses Cookie enthält Informationen darüber, wie der Endbenutzer die Website und
jede Werbung verwendet, die der Endbenutzer vor dem Besuch der Website gesehen haben kann.\r\n"
},
...
}
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.14.3 Example
GET /report HTTP/1.1
Host: api.gdpr-service.com
32
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
33 http://domain.de
34 http://track.adform.net
35 http://doubleclick.net
GDPR-Service – Public API
API Methods – 32
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
report Bearer
Token
SHA1 -
LicenseKey
GE
T
?domain=domain.de
33
&uri
=contact.html&from=2019-
11-10&to=2019-12-21
Header: 200 Done
{
{
"total": 36,
"cookies": [
{
"chost": "track.adform.net
34
",
"cname": "C",
"cpath": "/",
"csecure": 0,
"cpersistent": 0,
"httponly": 0,
"cpriority": 0,
"expireutc": 1579180320,
"creationutc": 1576501920,
"jobdate": "2019-12-16T12:14:14.000Z",
"packagegroup": 2,
"descriptionEN": null,
"descriptionDE": null
},
{
"chost": "doubleclick.net
35
",
"cname": "IDE",
"cpath": "/",
"csecure": 0,
"cpersistent": 0,
"httponly": 1,
"cpriority": 0,
"expireutc": 1610197920,
"creationutc": 1576501920,
"jobdate": "2019-12-16T12:14:14.000Z",
"packagegroup": 2,
"descriptionEN": "This cookie carries out
information about how the end user uses the
website and any advertising that the end user
may have seen before visiting the said
website.\r\n",
"descriptionDE": "Dieses Cookie enthält
GDPR-Service – Public API
API Methods – 33
Informationen darüber, wie der Endbenutzer
die Website und jede Werbung verwendet,
die der Endbenutzer vor dem Besuch der
Website gesehen haben kann.\r\n"
},
...
}
}
---
1.15 scanstatus
Provides the scan job status for a given domain by `hash` identifier.
1.15.1 Request
Method URL
GET
scanstatus/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY hash string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
36 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 34
1.15.2 Response
200 {
"status": 2,
"message": "Scan job completed."
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.15.3 Example
GET /scanstatus
HTTP/1.1
Host: api.gdpr-service.com
36
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
Endpoi
nt
Auth M
et
ho
d
Payload Response
scanstatus Bearer
Token
SHA1 -
LicenseKey
GE
T
?
hash=c35f78b9d31f070612
18357ae54835f346aa57b5
Header: 200 Done
{
"status": 2,
"message": "Scan job completed."
}
---
GDPR-Service – Public API
API Methods – 35
1.16 signature
Get the latest signature for the given filter.
1.16.1 Request
Method URL
GET signature/
Type Params Values
HEAD Accept string
HEAD Authentication: Bearer {TOKEN} string
GET type string
api_key
api_key must be sent with all client requests. The api_key helps the server to validate the request source.
authentication
Bearer token from api call token
type
contains the filter type, possible values are
filter_magento mapping_elementgroupcookie
1.16.2 Request example
Method Body
GET {
 "filter_type": "filter_magento"
}
37 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 36
1.16.3 Response
Status Response Description
200 {

"signature":"eyJnb29nbGVfYW5hbHl0aWNzIjp7Il
9fdXRtY29v",
 "version":"0.1.5",

"crc":"68c0453d2798c2abc4a2396e85dada198fd
6407f",
 "signature_date":"2019-11-25T23:00:00.000Z",
 "filter_type":"mapping_elementgroupcookie"
}
403 {"error":"Token is missing."}
400 {"error":"Please provide type."}
401 {"error":"Your token is invalid or,
has expired. 125."}
Code 116: token is malformed
Code 125: no token found in database
Code 136: private key has not correct
length
Code 147: expide date validation
failed
500 {"error":"Something went wrong. Please
try again later."}
1.16.4 Example
GET /signature HTTP/1.1
Host: api.gdpr-service.com
37
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
GDPR-Service – Public API
API Methods – 37
1.17 signatureelementfilter
EndPoint Auth Metho
d
Payload Response Description
signatureel
ementfilter
Bearer Token
aus der Oauth
Connection
POST {
"filter_type"
:
"filter_magen
to"
}
Header: 200
Done
{
"signature":
stream,
"version": "1.1.1",
"crc": "hash",
"datum":
"13324241242"
}
Header: 403
Permission
Denied
{
"message": "Error
Message"
}
Header: 500
Server Error
{
"message": "Error
Message"
}
order by newest
Version Limit 1
GDPR-Service – Public API
API Methods – 38
1.18 signatureelementgroupcookiemapping
EndPoint Auth Method Payload Response Description
signatureeleme
ntgroupcookiem
apping
Bearer Token
aus der Oauth
Connection
POST {} Header: 200 Done
{
"signature":
stream,
"version": "1.1.1",
"crc": "hash",
"datum":
"13324241242"
}
Header: 403
Permission
Denied
{
"message": "Error
Message"
}
Header: 500
Server Error
{
"message": "Error
Message"
}
order by newest
Version Limit 1
GDPR-Service – Public API
API Methods – 39
1.19 token
1.19.1 Request
Method URL
POST token/
Type Params Values
HEAD api_key string
HEAD Accept string
POST client_id string
POST client_secret string
client_id
client_idmust be sent with all client requests. The client_id helps the server to validate the request source.
client_secret
client_secretmust be sent with all client requests. The client_secret helps the server to validate the request source.
38 https://api.gdpr-service.com/
GDPR-Service – Public API
API Methods – 40
1.19.2 Response
Status Response
200 Response will be an object containing access datas.
{
"access_token":<access_token>,
 "expires_in": <expiretime_in_seconds>,
 "refresh_token": <refresh_token>,
 "token_type": <Bearer|auth2>
}
access_token(string) - ...
expiretime_in_seconds(int) - ...
refresh_token(string) - ...
token_type(string) - ...
403 {"error":"API key is missing."}
400 {"error":"Please provide username."}
400 {"error":"Please provide password."}
401 {"error":"Invalid API key."}
401 {"error":"Incorrect username or password."}
500 {"error":"Something went wrong. Please try again later."}
1.19.3 Example
GET/tokenHTTP/1.1
Host:api.gdpr-service.com
38
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
GDPR-Service – Public API
API Methods – 41
EndPoin
t
Auth M
e
t
h
o
d
Payload Response Description
token P
O
S
T
{
"client_id":
"pubkey",
"client_secret":
"seckey"
}
Header: 200 Done
{
"access_token":
"safddf545t34t4rhbtrgt54r
g24545g",
 "expires_in": 3600,
 "refresh_token":
"dfgdsghff434rt54hwas",
 "token_type": "Bearer"
}
---
1.20 verify
Generate gdpr domain ownership verification code.
1.20.1 Request
Method URL
GET verify/
Type Params Value
HEADER: Bearer token string
HEADER Content-Type application/json
BODY domain string
token
tokenAuth2.0 authentication header.
39 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 42
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
1.20.2 Response
200 {
"content": "gdpr-site-verification: gdpr-service-d1c34ff18d1d73a861758aedaa0f7aac8c10774d",
"instruction": "Create a file called \"gdpr-service\" (without the quotes) within the root directory of
your website and, paste the \"content\" value in it. The file must be accessible through a browser. Ie,
https://yourdomain.com/gdpr-service"
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.20.3 Example
GET /verify HTTP/1.1
Host: api.gdpr-service.com
39
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
GDPR-Service – Public API
API Methods – 43
Endpoi
nt
Auth M
et
ho
d
Payload Response
verify Bearer
Token
SHA1 -
LicenseKey
GE
T
?domain=https://
domain.com
Header: 200 Done
{
"content": "gdpr-site-verification: gdpr-
service-
d1c34ff18d1d73a861758aedaa0f7aac8c10774
d",
"instruction": "Create a file called \"gdpr-
service\" (without the quotes) within the root
directory of your website and, paste the
\"content\" value in it. The file must be
accessible through a browser. Ie, https://
yourdomain.com/gdpr-service"
}
---
1.21 verifydomain
Verify if customer owns the domain via file verification.
1.21.1 Request
Method URL
POST
verifydomain/
Type Params Value
HEADER: Bearer token string
40 http://www.mydomain.de
41 https://api.gdpr-service.com
GDPR-Service – Public API
API Methods – 44
HEADER Content-Type application/json
BODY domain string
token
tokenAuth2.0 authentication header.
Content-Type
Data transfer in JSON format.
body: domain
The domain in which the path will be registered.
1.21.2 Response
200 {
"status": "verified",
"message": "The domain www.mydomain.de
40
has been verified successfully."
}
403 {"error":"API key is missing."}
401 {"error":"Invalid API key."}
500 {"error":"Something went wrong. Please try again later."}
1.21.3 Example
POST /verifydomain
HTTP/1.1
Host: api.gdpr-service.com
41
Accept: application/vnd.gdpr-service.api+json;version=1.1.0
---
42 http://www.mydomain.de
GDPR-Service – Public API
API Methods – 45
Endpoi
nt
Auth M
et
ho
d
Payload Response
verifydom
ain
Bearer
Token
SHA1 -
LicenseKey
POS
T
?domain=https://
domain.com
Header: 200 Done
{
"status": "verified",
"message": "The domain
www.mydomain.de
42
has been verified
successfully."
}
---
Like(see page 17)Be the first to like this
GDPR-Service – Public API
Glossary – 46
2 Glossary
2.1 Conventions
Client - Client application.
Status - HTTP status code of response.
All the possible responses are listed under ‘Responses’ for each method. Only one of them is issued per
request server.
All response are in JSON format.
All request parameters are mandatory unless explicitly marked as [optional]
The type of values accepted for a request parameter are shown the the values column like this [10|<any
number>].The | symbol means OR. If the parameter is [optional], the default value is shown in blue bold text,
as 10 is written in [10|<any number>].
2.2 Status Codes
All status codes are standard HTTP status codes. The below ones are used in this API.
2XX - Success of some kind
4XX - Error occurred in client’s part
5XX - Error occurred in server’s part
Status Code Description
200 OK
201 Created
202 Accepted (Request accepted, and queued for execution)
400 Bad request
401 Authentication failure
403 Forbidden
404 Resource not found
405 Method Not Allowed
GDPR-Service – Public API
Glossary – 47
Status Code Description
409 Conflict
412 Precondition Failed
413 Request Entity Too Large
500 Internal Server Error
501 Not Implemented
503 Service Unavailable