Guest delete data model
The method of identifying guests varies per organization. Some organizations only use identifiers to determine identity, such as provider and id. Other organizations only use guest attributes to identify a guest such as firstName, lastName, and email. Of these organizations, the number of guest attributes required to perform identity is optional, but there must be enough guest attributes provided for potential matching guest records to be identified. For example, firstName and lastName do not provide enough identifying information to match a guest record for deletion.
There are two available modes for deleting a guest:
-
deletemode - deletes the guest profile and the associated sessions and events, but not the associated orders and order items. To delete the orders and order items, you must first delete the orders using the Batch API order delete endpoint, before usingdeletemode. -
gdpr_deletemode - deletes the guest profile and all associated entities including sessions, events, orders, and order items.
Guests have a right to be forgotten and you must use the gdpr_delete mode if you are deleting the guest in order to meet GDPR compliance.
When you create a batch file, ensure that you include all required attributes in addition to any attributes from the following table:
|
Attribute |
Description |
Type |
Example(s) |
Required/optional |
|---|---|---|---|---|
|
|
A unique ID of the record that the organization generates for the purpose of identification outside of Sitecore CDP. |
string UUID |
|
Required |
|
|
The type of record contained in the |
string |
|
Required |
|
|
Indicates how or what mechanism must be used to delete the record. |
string |
|
Required |
|
|
The container for the identifiers or the identity values required for guest delete. |
container |
N/A |
Required |
|
|
The container for any identity attributes used to match guests for potential deletion. |
container |
N/A |
Required if your organization uses identifiers to perform identity. |
|
|
The email address of the guest. |
string (recommend lowercase) |
Required if your organization uses the | |
|
|
The first name of the Guest. |
string (title case) |
|
Required if your organization uses the |
|
|
The last name of the guest. |
string (recommended title case) |
|
Required if your organization uses the |
|
|
The provider of the identifier. |
string |
|
Required if your organization uses identifiers to perform identity. |
|
|
The unique ID of the identifier. |
string |
|
Required if your organization uses identifiers to identity a guest. |
Here's a JSON example that uses identifiers to identify a guest:
{
"ref": "17AC5C03-F7A1-461F-A3B1-C96F43143522",
"schema": "guest",
"mode": "delete",
"value": {
"identifiers": [
{
"provider": "IDENTITY_SYSTEM",
"id": "BX_201504"
}
]
}
}Here's a JSON example that uses Personally Identifiable Identifiers (PII) to identify a guest:
{
"ref":"17AC5C03-F7A1-461F-A3B1-C96F43143522",
"schema":"guest",
"mode":"delete",
"value":{
"email":"[email protected]",
"firstName":"John",
"lastName":"Doe"
}
}Example responses
The following is a response where a single matching guest was found:
{"ref":"<UUID>","code":"200","message":"Guest and associated entities deleted"}
The following is a response where multiple matching guests were found:
{"ref":"<UUID>","code":"200","message":"3 matches found for this guest, 1st match deleted"}
The following is a response where no matching guests were found:
{"ref":"<UUID>","code":"404","message":"Guest not found"}
The following is a response where there was not enough identity information provided to find a matching guest:
{"ref":"<UUID>","code":"400","message":"Not enough identifying information"}
The following is a response where the guest could not be deleted because they were currently online:
{"ref":"<UUID>","code":"403","message":"Unable to delete Guest: Guest has an open session"}