This topic describes the concept and how to manage blacklists using the Episerver Profile Store API.
In this topic
Using Blacklists
You can register a visitor's email address in the blacklist to avoid processing events that come from this visitor and avoid storing visitor data.
Registering visitor email in the blacklist results in the following:
- Incoming events are ignored and not processed where User.Email property contains a blacklisted email address.
- You cannot update an existing profile with a blacklisted email address using Profile Store API.
- You cannot create a new profile if the profile contains a blacklisted email address.
- Existing data of blacklisted visitors are removed by schedule, usually every night:
- A visitor profile is removed if it contains a blacklisted email address.
- Events are removed if User.Email property contains blacklisted email address, or the device ID belongs to a profile that contains blacklisted email address.
Note: Use blacklists for GDPR-compliance only.
Blacklist properties
The blacklist object contains a fixed set of property fields.
- BlacklistId [string]. The unique identifier of the blacklist object. Generated by the API.
- Email [string]. The blacklisted email address. Specified by the developer.
- Scope [string]. Optional. The unique identifier of the scope of this blacklist object; specified by the developer.
- The ID should start with a letter or a number.
- The ID should contain up to 64 characters of letters, numbers, and underlines (_) only.
- Do not use CAPITAL letters.
- Example:
{ "BlacklistId" : "aa95267c-2e27-4e82-9b5b-186c4f50c68b", "Email" : "john.doe@example.com", "Scope" : "commercesite" }
Blacklist methods
GET api/v1.0/blacklists/
- To filter results using querystring parameters, see Filtering, paging and sorting.
- Returns HTTP 200 OK with all the blacklist items available in the environment.
- Response body example:
{ "total" : 2, "count" : 2, "items" : [ { "BlacklistId" : "62a2a514-a5f8-4e57-ae59-fe173167f8b7", "Email" : "admin@example.com", "Scope" : "DefaultScope" }, { "BlacklistId" : "a9780654-80f8-41b5-a716-8da5950783bd", "Email" : "admin@example.com", "Scope" : "bacb5c80-191e-433f-9fb2-b07c47b862af" } ] }
POST api/v1.0/blacklists/
- Returns HTTP 201 CREATED with the blacklist ID, email, and scope in the response body.
- Returns 400 BAD REQUEST if an incorrect post body was specified.
- Post body example:
{ "Email" : "admin@example.com", "Scope" : "DefaultScope" }
- Response body example:
{ "BlacklistId" : "83b23656-247d-4bf1-805b-a86d83ce489d", "Email" : "admin@example.com", "Scope" : "DefaultScope" }
DELETE api/v1.0/blacklists/{id}
- Removes an existing blacklist item.
- Returns:
- HTTP 200 OK if the blacklist item was removed.
- HTTP 404 NOT FOUND if the blacklist item does not exist.
DELETE api/v1.0/blacklists/{id}/ClearUserData
- Removes profile for the specified blacklist item.
- Returns:
- HTTP 200 OK if the data for the blacklist item was removed.
- HTTP 404 NOT FOUND if a profile with the email of the specified blacklist item does not exist.
- Response body example:
"Successfully removed data for blacklist item 77a6edaf-b10f-4f67-bc2a-35222dcd78d1"
Note: TheClearUserData API removes a profile in real-time. If you do not need the real-time deletion of the profile, you can skip calling the ClearUserData API method. However, both the profile and track events of a blacklisted customer are automatically deleted in 24 hours after you create a blacklist item.
Do you find this information helpful? Please log in to provide feedback.
Last updated: Mar 14, 2019