User Look-Up and Deletion API
The Marketing Cloud Personalization User Look-Up & Deletion API enables you to retrieve and delete user data on-demand to comply with data privacy regulations such as GDPR and CCPA. In addition to using the Personalization UI, you can use this API to service Right of Access or Right to be Forgotten requests that you receive from customers.
This API enables you to look up users by either primary user ID or anonymous ID. You can also use this API to delete users by either primary user ID, anonymous ID, or any other known identity attribute. Personalization processes deletion requests as soon as the requests are received. For more information on the Personalization Identity System, see User Identity Mapping.
The User Look-Up & Deletion API uses API tokens to authenticate all data change requests. An Account Administrator can generate API tokens from the Personalization UI. For more information on API tokens, see Personalization API Tokens on Salesforce Help.
The following sections describe the various operations you can carry out using the API, and the associated endpoints.
Find and export a user in a Personalization dataset by
userId (if named) or
|Yes||The Personalization account name. You can find the |
|Yes||The Personalization instance identifier. You can find this value by accessing Gears from the Personalization UI and reviewing the URL. For example, if the Gears URL is |
|Yes||The name or identifier of the Personalization dataset you're looking up users from.|
|Yes, if looking up named users.||The user ID of the user you're looking up.|
|Yes, if looking up users with no known identity attribute or ||The anonymous ID of the user you're looking up.|
Find and delete users from a Personalization dataset with user identifiers submitted via a CSV file. You can specify users to be deleted either by primary user IDs or any other single identity attribute. The CSV file you submit with the deletion request must specify the identity attribute to be used. If you don’t specify an identity attribute in the CSV file, the system assumes that the CSV file lists users by primary user IDs.
- A maximum of 30,000 users can be submitted for deletion per request.
- Deleting users via this API doesn’t opt out a user from future tracking. For more information on managing user consent and disabling tracking via the Personalization sitemap, refer to the Consent Management documentation.
The following code sample depicts an example CSV file that lists users to be looked up by the identity attribute
emailAddress and deleted.
The following section describes the steps to delete users, and their associated data with the Personalization API, along with example Bash and curl commands. You can modify and use these example commands to send in your own deletion requests via the User Look-Up & Deletion API.
Export your Personalization account name and instance identifier using Bash, as shown in the following example.
You can find the values of
instanceby accessing Gears from the Personalization UI and reviewing the URL. For example, if the Gears URL is
https://demo.us-1.evergage.com/, then the account name is
demoand the instance identifier is
DATASETyour users belong to, as shown in the following example.
Export the API token to be used with the API request, as shown in the following example.
Your API token must be a strict Base64 encoding of your API Key ID and its API Secret Key. You can use an existing API token if it has the required permissions or generate a new one from the Personalization UI by navigating to Security > API Tokens > Create Token. For more information on API tokens, see Personalization API Tokens on Salesforce Help.
Export the CSV file to be submitted with your API request as a variable, as shown in the following example.
Write the identifiers of one or more users you'd like to delete to the CSV file, as shown in the following example.
Construct and send a curl request to delete users using the variables you declared in the previous steps, as shown in the following example.
Confirm whether your deletion request was processed by sending the same cURL request, as shown in the following example.