Request a DSAR / tenant-export job

const options = {
  method: 'POST',
  headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
  body: JSON.stringify({
    scope: {
      dataSubjectId: '<string>',
      windowStart: '2023-11-07T05:31:56Z',
      windowEnd: '2023-11-07T05:31:56Z',
      campaignIds: ['<string>'],
      substrates: ['<string>']
    },
    format: 'JSON',
    requestedBy: '<string>',
    requestNotes: '<string>'
  })
};

fetch('https://sandbox.api.enfinitos.com/v1/compliance/dsar', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));

{
  "ok": true,
  "data": {
    "job": {
      "id": "<string>",
      "orgId": "<string>",
      "createdAt": "2023-11-07T05:31:56Z",
      "updatedAt": "2023-11-07T05:31:56Z",
      "scope": {
        "dataSubjectId": "<string>",
        "windowStart": "2023-11-07T05:31:56Z",
        "windowEnd": "2023-11-07T05:31:56Z",
        "campaignIds": [
          "<string>"
        ],
        "substrates": [
          "<string>"
        ]
      },
      "requestedBy": "<string>",
      "requestNotes": "<string>",
      "progress": {
        "rowsCollected": 123,
        "rowsExpected": 123,
        "bytesPackaged": 123,
        "lastHeartbeatAt": "2023-11-07T05:31:56Z",
        "workerId": "<string>"
      },
      "delivery": {
        "bundleR2Key": "<string>",
        "bundleSizeBytes": 123,
        "bundleSha256": "<string>",
        "bundleUrl": "<string>",
        "expiresAt": "2023-11-07T05:31:56Z",
        "downloadedAt": "2023-11-07T05:31:56Z",
        "downloadedBy": "<string>"
      },
      "failure": {
        "message": "<string>",
        "failedAt": "2023-11-07T05:31:56Z",
        "workerId": "<string>"
      },
      "timeline": [
        {
          "at": "2023-11-07T05:31:56Z",
          "actor": "<string>",
          "notes": "<string>"
        }
      ]
    },
    "activeLimit": 123
  },
  "contractVersion": "<string>"
}

Compliance

Request a DSAR / tenant-export job

Request a new DSAR / tenant-export job. scope.kind selects the export semantics: DATA_SUBJECT (GDPR DSAR for one subject — requires scope.dataSubjectId; configuration sections are excluded under data minimisation), TENANT_FULL (operator-initiated full-tenant backup), or TENANT_SLICE (time-windowed slice — requires scope.windowStart + scope.windowEnd). The job lands REQUESTED; drive it with POST /v1/compliance/dsar/{jobId}/run. Per-tenant cap: 5 active (non-terminal) jobs at once — beyond the cap the request returns 429 RATE_LIMITED with a retry-after header. Requires scope audit:read — the job reads everything and destroys nothing.

POST

compliance

dsar

const options = {
  method: 'POST',
  headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
  body: JSON.stringify({
    scope: {
      dataSubjectId: '<string>',
      windowStart: '2023-11-07T05:31:56Z',
      windowEnd: '2023-11-07T05:31:56Z',
      campaignIds: ['<string>'],
      substrates: ['<string>']
    },
    format: 'JSON',
    requestedBy: '<string>',
    requestNotes: '<string>'
  })
};

fetch('https://sandbox.api.enfinitos.com/v1/compliance/dsar', options)
  .then(res => res.json())
  .then(res => console.log(res))
  .catch(err => console.error(err));

{
  "ok": true,
  "data": {
    "job": {
      "id": "<string>",
      "orgId": "<string>",
      "createdAt": "2023-11-07T05:31:56Z",
      "updatedAt": "2023-11-07T05:31:56Z",
      "scope": {
        "dataSubjectId": "<string>",
        "windowStart": "2023-11-07T05:31:56Z",
        "windowEnd": "2023-11-07T05:31:56Z",
        "campaignIds": [
          "<string>"
        ],
        "substrates": [
          "<string>"
        ]
      },
      "requestedBy": "<string>",
      "requestNotes": "<string>",
      "progress": {
        "rowsCollected": 123,
        "rowsExpected": 123,
        "bytesPackaged": 123,
        "lastHeartbeatAt": "2023-11-07T05:31:56Z",
        "workerId": "<string>"
      },
      "delivery": {
        "bundleR2Key": "<string>",
        "bundleSizeBytes": 123,
        "bundleSha256": "<string>",
        "bundleUrl": "<string>",
        "expiresAt": "2023-11-07T05:31:56Z",
        "downloadedAt": "2023-11-07T05:31:56Z",
        "downloadedBy": "<string>"
      },
      "failure": {
        "message": "<string>",
        "failedAt": "2023-11-07T05:31:56Z",
        "workerId": "<string>"
      },
      "timeline": [
        {
          "at": "2023-11-07T05:31:56Z",
          "actor": "<string>",
          "notes": "<string>"
        }
      ]
    },
    "activeLimit": 123
  },
  "contractVersion": "<string>"
}

Authorizations

Authorization

string

header

required

API key sent as Authorization: Bearer <api-key>.

Body

application/json

scope

object

required

Show child attributes

format

enum<string>

default:JSON

Export format. Unrecognised values fall back to JSON.

Available options:

JSON,

CSV,

NDJSON,

PARQUET

requestedBy

string

Requester attribution. Defaults to the key's developerId.

requestNotes

string | null

Optional rationale captured for the audit trail.

Response

The created job (state REQUESTED) and the active-job cap.

boolean

required

data

object

required

Route-specific payload. Operation responses refine this.

Show child attributes

contractVersion

string

required

Allowed value: "v1.0"

List DSAR jobs Fetch a DSAR job

⌘I