🎉 OneTrust 6.29 Released!
We are excited to announce the following enhancements in the OneTrust Developer Portal as part of OneTrust 6.29.
For more information about the release and our product updates in the OneTrust application, refer to the OneTrust Release Notes page. Learn more about environment maintenance on the Current and Historic Maintenance page, and subscribe to proactive environment notifications on our System Status and Scheduled Maintenance page.
API Keys created in the Integrations module prior to OneTrust 6.14 (known as Legacy API Keys) will reach end of support on January 31, 2022. Any customers leveraging these Legacy API Keys to authenticate OneTrust APIs or any integration workflows will be affected.
Customers should update any applications or webhooks leveraging these Legacy API Keys with one of the OAuth 2.0 methods OneTrust offers to prevent any interruption of service. If you are not making use of Legacy API Keys, no changes are required. For additional details, see End of Support for Legacy API Keys.
General
- New SCIM APIs: Added SCIM v3 APIs to support System for Cross-Domain Identity Management (SCIM) User & Group Provisioning. These APIs provide you with the ability to provision and deprovision users, provision user groups, and manage access for users by provisioning them to user groups. For more information, see SCIM User & Group Provisioning.
- GET /v3/Groups
New API
- POST /v3/Groups
New API
- GET /v3/Groups/{groupId}
New API
- PUT /v3/Groups/{groupId}
New API
- DELETE /v3/Groups/{groupId}
New API
- PATCH /v3/Groups/{groupId}
New API
- GET /v3/Users
New API
- POST /v3/Users
New API
- GET /v3/Users/{id}
New API
- PUT /v3/Users/{id}
New API
- PATCH /v3/Users/{id}
New API
- GET /v3/Groups
Assessment Automation
- Added Parameters to Get Assessment Details API: Updated API to include primary record details (
id
,name
,number
,type
) and theresidualRiskScore
,openRisksCount
,inherentRiskScore
,targetRiskScore
, andlastUpdated
parameters in the response.- GET/v2/assessments/{assessmentId}/export
Updated API
- GET/v2/assessments/{assessmentId}/export
- Added Parameters to Get Assessment List API: Updated API to include the
residualRiskScore
,openRisksCount
,inherentRiskScore
,targetRiskScore
, andlastUpdated
parameters in the response.- GET/v2/assessments
Updated API
- GET/v2/assessments
- Archive Assessments: Added API to archive a single or multiple active assessments. After archiving, assessments will be moved into the archive list.
- PUT/v2/assessments/archive
New API
- PUT/v2/assessments/archive
- Unarchive Assessments: Added API to unarchive a single or multiple archived assessments. After unarchiving, assessments will be moved back to the active list.
- PUT/v2/assessments/un-archive
New API
- PUT/v2/assessments/un-archive
Cookie Compliance
- Updated Query Parameter: Updated API to include
website
as a required query parameter. If thewebsite
parameter is not included, the API will return 0 results. If it is included without a value, the API will return all the websites in the account.- GET /v2/websites
Updated API
- GET /v2/websites
Universal Consent & Preference Management
- Retrieve Historical Receipts: Updated the API with the
includeArchived
query parameter. This allows users to fetch historical receipts older than 90 days when used in conjunction with theidentifier
orreceiptId
parameters.- POST /api/consent/v2/receipts
Updated API
- POST /api/consent/v2/receipts
- Find Data Subject Duplicates: Updated the API request body to accept custom data element names instead of GUIDs. This allows users to more easily find duplicate data subjects.
- POST /api/datasubjects/v1/mergerequestschedule
Updated API
- POST /api/datasubjects/v1/mergerequestschedule
- Reference Validation for Parent/Child Groups: Updated the API with an added validation to allow a child consent group to be added to a parent group only once. This update will present users with an error message to prevent the same child group from being passed into the parent group again.
DataDiscovery
- Create New Scan Profile: Added API to create new scan profiles for DataDiscovery. This allows users to define scan types, include-exclude paths, limits, and other settings for a specific data source.
- POST/scan-profiles
New API
- POST/scan-profiles
- Get Scan Profile by ID: Added API to retrieve a scan profile by ID. This allows users to fetch any scan profile from the application by its unique ID.
- Get List of Scan Profiles: Added API to retrieve the list of available scan profiles. This allows users to collect all existing scan profiles from the application based on the set criteria.
- GET/scan-profiles
New API
- GET/scan-profiles