Adobe Experience Manager as a Cloud Service Foundation Readiness for Data Protection and Data Privacy Regulations aem-foundation-readiness-for-data-protection-and-data-privacy-regulations
AEM Foundation Data Privacy and Protection support aem-foundation-data-privacy-and-protection-support
At the AEM Foundation level, the Personal Data that is stored is held in the User Profile. Therefore, the information in this article primarily addresses how to access and delete user profiles, so you can address the access, and delete requests, respectively.
Accessing a User Profile accessing-a-user-profile
Manual Steps manual-steps
-
Open the User Administration console, by browsing to Tools - Security - Users or by browsing directly to
https://<serveraddress>:<serverport>/security/users.html -
Then, search for the user in question by typing the name in the search bar at the top of the page:
-
Finally, open the user profile by clicking it, then check under the Details tab.
HTTP API http-api
As mentioned, Adobe provides APIs for accessing user data, to facilitate automation. There are several types of APIs which you can use:
UserProperties API
curl -u user:password http://localhost:4502/libs/granite/security/search/profile.userproperties.json\?authId\=cavery
Sling API
Discovering the user home:
curl -g -u user:password 'http://localhost:4502/libs/granite/security/search/authorizables.json?query={"condition":[{"named":"cavery"}]}'
{"authorizables":[{"type":"user","authorizableId_xss":"cavery","authorizableId":"cavery","name_xss":"Carlene Avery","name":"Carlene Avery","home":"/home/users/we-retail/DSCP-athB1NYLBXvdTuN"}],"total":1}
Retrieving user data:
Using the node path from the home property of the JSON payload returned from the above command:
curl -u user:password 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profile.-1.json'
curl -u user:password 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profiles.-1.json'
Disabling a User and Deleting the Associated Profiles disabling-a-user-and-deleting-the-associated-profiles
Disable User disable-user
-
Open the User Administration console and search for the user in question, as described above.
-
Hover over the user and click the select icon. The profile turns gray indicating that it is selected.
-
In the upper menu, click Disable to disable (turn off) the user:
-
Finally, confirm the action.
The user interface indicates that the user account has been deactivated by graying out and adding a lock to the profile card:
Delete User Profile Information delete-user-profile-information
HTTP API http-api-1
The following procedures use the curl command-line tool to illustrate how to disable the user with the cavery userId and delete the user’s profiles available at the default location.
Discovering the user home:
curl -g -u user:password 'http://localhost:4502/libs/granite/security/search/authorizables.json?query={"condition":[{"named":"cavery"}]}'
{"authorizables":[{"type":"user","authorizableId_xss":"cavery","authorizableId":"cavery","name_xss":"Carlene Avery","name":"Carlene Avery","home":"/home/users/we-retail/DSCP-athB1NYLBXvdTuN"}],"total":1}
Disabling the user:
Using the node path from the home property of the JSON payload returned from the above command:
curl -X POST -u user:password -FdisableUser="describe the reasons for disabling this user (Data Privacy in this case)" 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN.rw.userprops.html'
Deleting user profiles
Using the node path from the home property of the JSON payload returned from the account discovery command and the known out of the box profile node locations:
curl -X POST -u user:password -H "Accept: application/json,**/**;q=0.9" -d ':operation=delete' 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profile'
curl -X POST -u user:password -H "Accept: application/json,**/**;q=0.9" -d ':operation=delete' 'http://localhost:4502/home/users/we-retail/DSCP-athB1NYLBXvdTuN/profile'