API Service Level Objectives

OneTrust is committed to providing reliable and timely API services. As such, we are working based on certain service level objectives (SLOs) to maintain the integrity of the services. For clarity, these service levels are objectives only and not a commitment or guarantee.

Overview

Universal Consent & Preference Management APIs are in an available state 99% of the time. Requests have a P99 latency within their satisfactory threshold of 500ms or less and less than 0.5% of requests return a 5XX error status response.

👍

The service is considered available when the service is above its Service Level Objective (SLO) and the error rate is below its Service Level Objective (SLO). The service needs to simultaneously meet both of its SLO targets to be considered available. If either target is not met, the service is considered unavailable. For example, if the service becomes unavailable for a 10-minute period, the availability score will be 99.90% for the week (1 430 minutes of availability out of 1 440 minutes in a week) and 99.97% for the month (43 190 minutes of availability out of 43 200 minutes in the month).

API Uptime

V4 Data Subjects APIs

API NameAPI PathAPI Uptime
Get Data Subject Details/v4/datasubjects/details99.9%
Get Data Subject/v4/datasubjects/basic-details99.9%
Get List of All Purpose Details by Data Subject/v4/datasubjects/ds-profiles99.9%
Get Purpose Details by Data Subject/v4/datasubjects/profiles/{purposeGuid}99.9%
Get List of Data Subject Group Associations by Data Subject/v4/linkedidentitygroups99.9%
Get List of Data Subject Group Members/v4/linkedidentitygroups/{linkedIdentityGroupId}/members99.9%
Get List of Data Subjects/v4/datasubjects99.9%
Get List of All Purpose Details for All Data Subjects/v4/datasubjects/profiles99.9%
Get List of Data Subject Tokens/v4/linktokens99.9%

Consent Receipt APIs

API NameAPI PathAPI Uptime
Create Consent Receipts/v1/consentreceipts99.9%
Create Consent Receipts/v1/consentreceipts/identified99.9%
Create Bulk Consent Receipts/v1/consentreceipts/bulk99.9%

Data Subject's Preferences APIs

API NameAPI PathAPI Uptime
Get Data Subject's Preferences/v1/preferences99.9%
Get Data Subject's Preferences/v2/preferences99.9%

Availability during Maintenance Periods

The following endpoints remain available during maintenance:

API NameAPI Path
Create Consent Receipts/privacyportalxx.onetrust.com/request/v1/consentreceipts
Get Data Subject's Preferences/v1/preferences
Get Data Subject's Preferences/v2/preferences
Get List of Receipts/v2/receipts
Create Consent Receipts/v1/consentreceipts
Create Consent Receipts in Bulk/v1/consentreceipts/bulk
Create Identified Consent Receipts/v1/consentreceipts/identified
Get List of Data Subjects/v4/datasubjects
Get Data Subject/v4/datasubjects/basic-details
Get Data Subject Details/v4/datasubjects/details
Get List of All Purpose Details by Data Subject/v4/datasubjects/ds-profiles
Get Purpose Details by Data Subject/v4/datasubjects/profiles/{purposeGuid}
Get List of Data Subject Group Associations by Data Subject/v4/linkedidentitygroups
Get List of Data Subject Group Members/v4/linkedidentitygroups/{linkedIdentityGroupId}/members
Get List of All Purpose Detail for All Data Subjects/v4/datasubjects/profiles
Get List of Data Subject Tokens/v4/linktokens

📘

Additionally, preference centers remain accessible during maintenance periods.
All other consent endpoints are not available during maintenance periods.
Consents that trigger during a maintenance period will queue up and trigger integration workflows once the maintenance period is over.

API Response

P99, a response will be returned < 500 ms for the following APIs:

API NameAPI Path
Get List of Data Subjects/v1/datasubjects/profiles
Get Data Subject's Preferences/v1/preferences
Get List of Receipt Details by Data Subject/v1/receipts
Get List of Receipts/v2/receipts

P99, a response will be returned < 1000 ms for the following API:

API NameAPI Path
Get Data Subject's Preferences/v2/preferences

P99, a response will be returned < 500 ms for the following APIs:

API NameAPI Path
Create Consent Receipts/v1/consentreceipts
Create Consent Receipts in Bulk/v1/consentreceipts/bulk
Create Identified Consent Receipts/v1/consentreceipts/identified

P99, a response will be returned < 500 ms for the following APIs:

API NameAPI Path
Get Data Subject/v4/datasubjects/basic-details
Get Data Subject Details/v4/datasubjects/details
Get List of All Purpose Details by Data Subject/v4/datasubjects/ds-profiles
Get Purpose Details by Data Subject/v4/datasubjects/profiles/{purposeGuid}
Get List of Data Subject Group Associations by Data Subject/v4/linkedidentitygroups

P99, a response will be returned < 1000 ms for the following APIs:

API NameAPI Path
Get List of Data Subject Group Members/v4/linkedidentitygroups/{linkedIdentityGroupId}/members
Get List of Data Subjects/v4/datasubjects
Get List of All Purpose Detail for All Data Subjects/v4/datasubjects/profiles
Get List of Data Subject Tokens/v4/linktokens

👍

For more information, see OneTrust Consent Modern Architecture APIs Performance Testing Results Whitepaper in myOneTrust.

API Performance

  • POST /v1/consentreceipts writes to storage in < 5 seconds 99% of the time.
  • Data is available from GET /v1/receipts in < 5 seconds 99% of the time.
  • Data is available from POST /v2/receipts in up to 30 seconds 99% of the time.

Data Availability

  • New data is available in GET /v1/preferences (Cross Device) returning payload in up to 30 seconds 99% of the time.
  • New data is available in GET /v2/preferences in up to 30 seconds 99% of the time.
  • New data is available from GET /v1/datasubjects/profiles in up to 30 seconds 99% of the time.

Example Workflow Scenarios

Scenario #1

POST /v2/receipts

When a call is made to POST /v1/consentreceipts for a data subject, the user should wait five seconds before trying to retrieve the receipt by making a call to the POST /v2/receipts API.

Scenario #2

GET /v1/datasubject/profiles

When a call is made to POST /v1/consentreceipts for a data subject, the user should wait up to 30 seconds before trying to retrieve the data subject profile by making a call to the GET /v1/datasubjects/profiles API.

Scenario #3

GET /v4/datasubjects/basic-details or /v4/datasubjects

When a call is made to POST /v1/consentreceipts for a data subject, the user should wait up to 30 seconds before trying to retrieve the data subject profile by making a call to the GET /v4/datasubjects/basic-details or the GET /v4/datasubjects APIs.

Scenario #4

 GET /v1/preferences

When a call is made to POST /v1/consentreceipts for a data subject, the user should wait up to 30 seconds before trying to retrieve the data subject preferences by making a call to the GET /v1/preferences API.