# Data Subject Requests

We currently support two data subject request types: **`access`** and **`erasure`**.

**Access** lets you determine whether you have stored that data subject's identity anywhere in Poplar (and/or Share Local Media, if you are also an SLM Solo, Shared or Insert client).

**Erasure** submits an erasure (deletion) request for a data subject's identity within your account. This will scan across mailings, orders, and audiences. Note that erasure requests **do not** apply within your opt out list. When you submit an erasure request, we will also automatically add the data subject identity to your opt out list to prevent them from being mailed by you in the future.

## Create Data Subject Request

<mark style="color:green;">`POST`</mark> `https://api.heypoplar.com/v1/dsr/request`

Use this endpoint to create a data subject request for one or more subject identities.

#### Headers

| Name                                            | Type   | Description                                                               |
| ----------------------------------------------- | ------ | ------------------------------------------------------------------------- |
| Authorization<mark style="color:red;">\*</mark> | string | Bearer [ProductionAccessToken](https://docs.heypoplar.com/api/api/master) |
| Content-Type<mark style="color:red;">\*</mark>  | string | application/json                                                          |

#### Request Body

| Name                                                     | Type   | Description                                                                                             |
| -------------------------------------------------------- | ------ | ------------------------------------------------------------------------------------------------------- |
| api\_version                                             | string | <p>The API version of the request.</p><p></p><p>Supported values are:  <code>v1</code></p>              |
| regulation<mark style="color:red;">\*</mark>             | string | <p>The regulation for the DSR request.</p><p></p><p>Supported values are: <code>cpra</code></p>         |
| subject\_request\_id<mark style="color:red;">\*</mark>   | string | The unique UUID v4 identifier for this request.                                                         |
| subject\_request\_type<mark style="color:red;">\*</mark> | string | <p>The type of request.</p><p></p><p>Supported values are: <code>access</code> <code>erasure</code></p> |
| submitted\_time<mark style="color:red;">\*</mark>        | string | ISO8601 formatted datetime representing the time the request was made by the data subject.              |
| subject\_identities<mark style="color:red;">\*</mark>    | array  | An array of [subject identity objects](#subject-identity-objects).                                      |

{% tabs %}
{% tab title="201: Created Data Subject Request Created" %}

```javascript
{
    // Response
}
```

{% endtab %}

{% tab title="400: Bad Request Incorrectly formatted or missing data" %}

```json
{
  "error": {
    "name": "ValidationError",
    "message": {
      ...
    }
  }
}
```

{% endtab %}

{% tab title="403: Forbidden Incorrect or missing auth header" %}

```json
{
  "error": "Missing or Invalid Authorization Header"
}
```

{% endtab %}
{% endtabs %}

### Subject Identity Objects

A subject data request requires an array of subject identity objects. A request can contain multiple subject identity objects but all subject identities should be for the same user. For example, a data subject request may contain a subject identity object for a user's email and one for their address.

Subject identity objects should contain the following fields:

<table><thead><tr><th width="225.33333333333331">Key</th><th width="164">Value Type</th><th>Description</th></tr></thead><tbody><tr><td><code>identity_type</code></td><td>string</td><td><strong>Required</strong><br><br>The type of identity.<br><br>Supported options are: <code>email</code> <code>address</code></td></tr><tr><td><code>identity_format</code></td><td>string</td><td><strong>Required</strong><br><br>The format of the identity value.<br><br>Supported formats are: <code>raw</code></td></tr><tr><td><code>identity_value</code></td><td>string | object</td><td><strong>Required</strong><br><br>For address requests, an identity address object; for all other request types, the value string.</td></tr></tbody></table>

The `identity_value` object for address requests should contain the following fields:

<table><thead><tr><th width="224">Key</th><th width="169.33333333333331">Value Type</th><th>Description</th></tr></thead><tbody><tr><td><code>full_name</code></td><td>string</td><td>Optional</td></tr><tr><td><code>first_name</code></td><td>string</td><td>Optional</td></tr><tr><td><code>last_name</code></td><td>string</td><td>Optional</td></tr><tr><td><code>address_1</code></td><td>string</td><td><strong>Required</strong> <br><br><em>Address number and street name</em></td></tr><tr><td><code>address_2</code></td><td>string</td><td>Optional <br><br><em>Apt/Suite/Unit/etc.</em></td></tr><tr><td><code>city</code></td><td>string</td><td><strong>Required</strong></td></tr><tr><td><code>state</code></td><td>string</td><td><strong>Required</strong></td></tr><tr><td><code>postal_code</code></td><td>string</td><td><strong>Required</strong></td></tr></tbody></table>
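
The following is an added example, not code from Poplar: it assembles a request body for the create endpoint and rejects anything that does not match the field tables above before personal data leaves your system. The names `buildDsrRequest`, `validateIdentity` and `fail` are hypothetical, and treating an empty `subject_identities` array as invalid is an assumption.

```javascript
// Added example: field names and supported values come from the tables above;
// function names and error messages are hypothetical.
const UUID_V4 = /^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
const ADDRESS_REQUIRED = ["address_1", "city", "state", "postal_code"];
const nonEmpty = (v) => typeof v === "string" && v.trim() !== "";
function fail(message) { throw new Error(message); }

function validateIdentity(identity, index) {
  const where = `subject_identities[${index}]`;
  if (!["email", "address"].includes(identity.identity_type)) fail(`${where}: unsupported identity_type`);
  if (identity.identity_format !== "raw") fail(`${where}: identity_format must be "raw"`);
  const value = identity.identity_value;
  if (identity.identity_type === "address") {
    // Address identities carry an object with four required string fields.
    if (typeof value !== "object" || value === null) fail(`${where}: identity_value must be an object`);
    for (const key of ADDRESS_REQUIRED) {
      if (!nonEmpty(value[key])) fail(`${where}: missing ${key}`);
    }
  } else if (!nonEmpty(value)) {
    fail(`${where}: identity_value must be a non-empty string`);
  }
}

function buildDsrRequest({ requestId, type, submittedTime, identities }) {
  if (!UUID_V4.test(requestId)) fail("subject_request_id must be a UUID v4");
  if (!["access", "erasure"].includes(type)) fail("unsupported subject_request_type");
  // Date.parse is lenient, so the value is normalised to ISO8601 on output.
  if (Number.isNaN(Date.parse(submittedTime))) fail("submitted_time is not a valid datetime");
  if (!Array.isArray(identities) || identities.length === 0) fail("subject_identities must be a non-empty array");
  identities.forEach(validateIdentity);
  return {
    api_version: "v1",
    regulation: "cpra",
    subject_request_id: requestId,
    subject_request_type: type,
    submitted_time: new Date(submittedTime).toISOString(),
    subject_identities: identities,
  };
}

// Constructed sample: one data subject identified by e-mail and postal address.
const sampleBody = buildDsrRequest({
  requestId: "e93693d5-5d99-4c45-8993-b31684426a38",
  type: "erasure",
  submittedTime: "2022-11-05T19:48:43.514+00:00",
  identities: [
    { identity_type: "email", identity_format: "raw", identity_value: "johndoe@example.com" },
    { identity_type: "address", identity_format: "raw", identity_value: { address_1: "1640 Riverside Drive", city: "Hill Valley", state: "CA", postal_code: "91103" } },
  ],
});
```

Serialise the returned object with `JSON.stringify` as the POST body, and read the bearer token from your secret store rather than from source code.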

## Fetch Data Subject Request Status

<mark style="color:blue;">`GET`</mark> `https://api.heypoplar.com/v1/dsr/request/:subject_request_id`

This endpoint allows you to query the status of a data subject request.

#### Path Parameters

| Name                                                   | Type   | Description                                    |
| ------------------------------------------------------ | ------ | ---------------------------------------------- |
| subject\_request\_id<mark style="color:red;">\*</mark> | string | The `subject_request_id` from the POST request |

{% tabs %}
{% tab title="200: OK Successful Deletion Request" %}

```json
{
  "controller_id": "87f42076-3bcc-4e93-a72a-a0703746ec98",
  "subject_request_id": "e93693d5-5d99-4c45-8993-b31684426a38",
  "request_status": "completed",
  "result": "deleted"
}
```

{% endtab %}

{% tab title="403: Forbidden Incorrect or missing auth header" %}

```json
{
  "error": "Missing or Invalid Authorization Header"
}
```

{% endtab %}

{% tab title="404: Not Found subject\_request\_id is incorrect or does not exist" %}

```javascript
{
  "error": {
    "name": "NotFound",
    "message": "Data Subject Request not found"
  }
}
```

{% endtab %}

{% tab title="200: OK Request in Progress" %}

```javascript
{
  "controller_id": "87f42076-3bcc-4e93-a72a-a0703746ec98",
  "expected_completion_time": "2022-11-19T19:48:43.514+00:00",
  "subject_request_id": "e93693d5-5d99-4c45-8993-b31684426a38",
  "request_status": "in_progress"
}
```

{% endtab %}

{% tab title="200: OK Successful Request – No Results Found" %}

```javascript
{
  "controller_id": "87f42076-3bcc-4e93-a72a-a0703746ec98",
  "subject_request_id": "e93693d5-5d99-4c45-8993-b31684426a38",
  "request_status": "completed",
  "result": "not_found"
}
```

{% endtab %}

{% tab title="200: OK Successful Access Request" %}

```javascript
{
  "controller_id": "87f42076-3bcc-4e93-a72a-a0703746ec98",
  "subject_request_id": "e93693d5-5d99-4c45-8993-b31684426a38",
  "request_status": "completed",
  "result": "found",
  "data": [
    {
      "category": "address",
      "email": "johndoe@example.com"
    },
    {
      "category": "address",
      "address_1": "1640 Riverside Drive",
      "city": "Hill Valley",
      "state": "CA",
      "postal_code": "91103"
    }
  ]
}
```

{% endtab %}
{% endtabs %}
