How APIs Help Protect Consumers & Modernize Companies · © 2019 Adobe. All Rights Reserved. Adobe...
Transcript of How APIs Help Protect Consumers & Modernize Companies · © 2019 Adobe. All Rights Reserved. Adobe...
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
How APIs Help Protect Consumers & Modernize Companies Ron Nagy | Sr Product Marketing Manager, Adobe I/O @ronnag
y
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
EXPERIENCES MATTER MORE THAN EVER
3
© 2019 Adobe. All Rights Reserved. Adobe Confidential. 4
Integration is Critical for Digital Experiences
Customers need their content and
data to connect to customer touch
points.
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
A cohesive set of tools and services that
enable customers and partners to extend
and integrate Adobe products.
Adobe I/O
5
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
Extensibility Products
Adobe I/O
6
Documentati
on &
Discovery
Access &
Integration
Extend Adobe’s
platform and
solutions through
serverless
functions.
Use webhooks to
receive near-real
time events from
Adobe solutions
Adobe I/O
Runtime
Adobe I/O
Events Creative Cloud
Document Cloud
Experience Cloud
Flexibly integrate
with Adobe’s
products and
solutions
Adobe I/O
API Gateway
Adobe I/O
Console
Adobe.io
Website
JavaScript Helper
Library for Simplified
Development
Local
Development,
Build and
Automation
Adobe I/O CLI
Adobe I/O SDK
© 2019 Adobe. All Rights Reserved. Adobe Confidential. © 2019 Adobe Systems Incorporated. All Rights Reserved. Adobe Confidential.
7
Adobe Experience Platform
Adobe Analytics Cloud Adobe Advertising Cloud Adobe Marketing Cloud Adobe Commerce Cloud
Adobe Analytics
Adobe Audience
Manager
Adobe Experience
Manager
Adobe Campaign Marketo Engage
Adobe
Target
Magento Commerce
Adobe Sensei
Search DSP
TV Creative
Adobe Experience Cloud
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
Thoughtful API
and system
design speed
compliance
Expanding Global
Privacy
Regulations
Event based
systems
streamline
notifications
Effective 25 May 2018
Expanded definition of personal
data Strengthened consent
requirements Focus on individual rights
Fines up to 4% of annual revenue
GDPR
Overview
All systems that handle EU data are within GDPR’s scope.
Our Mission
Around
Privacy These are the four core
tenets of Adobe’s mission
vis a vis Privacy Service
Help you build and sustain trust with
your clients
Grow our strong privacy partnership
with data controllers, and
partners
As a processor, protect and respect the data entrusted
to us
Help controllers responsibly unlock the power of data
BRAND’S
RESPONSIBILI
TY
Laura
DATA SUBJECT
CONSENT
TECHNOLOGY
PROVIDER’S
RESPONSIBILIT
Y
SHARED
RESPONSIBIL
ITY
Privacy Service Request
Example
Adobe has Partnerships
with Multiple Consent
Managers
Evidon 1
OneTrust 2
TrustArc 3
Ensure data is
labeled
Labeling data allows Data Controllers to determine which data will be included in the processing of a GDPR request
Labeling data is the first step in answering GDPR requests
Capture IDs in
Adobe Products
Easily
For Adobe’s Privacy Service
API to process requests it
requires IDs
Consider deploying Adobe’s Privacy Service ID retrieval tag on your privacy portal 2
Adobe’s Privacy Service ID retrieval tag is a lightweight JavaScript library to collect visitors’ Adobe IDs
1
Privacy Service Overview
Laura
Data
Subject
Privacy Team
Data Controller
Adobe
Experience
Cloud
Data Processor
Delete/Access/Status
Capture Adobe IDs
Consent 1
UI/API Query 4
5 Return via API 6 Response
Data Labeling 2
GDPR Request 3
© 2019 Adobe. All Rights Reserved. Adobe Confidential. 16
Privacy Service User
Interface
Privacy Service API
Privacy Team
Data Controller
Adobe
Experience
Cloud
Data Processor
Delete
Access
Status
Send Request
Return response
Privacy Service API
© 2019 Adobe. All Rights Reserved. Adobe Confidential. 18
• Facilitates customer automation and batch submissions
• Publicly available through Adobe I/O
• Simple interface using REST API’s
API Name Method Type Description
Access POST Access requests for central service to retrieve all data
corresponding with provided user id's
Delete POST Delete request for central service to delete all data
corresponding with provided user id's
Status GET Retrieve the status of a job
Status (all) GET Retrieve all job statuses for the requesting user
Privacy Service API
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
Submissions are driven through the
organization identifier, though legacy account
IDs are also accepted
organization ID – one per request
Multiple data subject ID’s may be submitted in a
single request
they will be broken into individual jobs per unique data
subject ID within the GDPR API
IDs collected by the customer, from their data
subjects or through the Adobe tools, are
submitted as requests to the GDPR API
Multiple IDs per data subject may be submitted as a
collection
Product-specific requests instruct Adobe as to
where the data needs to be processed
Privacy Service API Request
Example {
"companyContexts": [
{ "namespace": "imsOrgID",
"value": "123456789@AdobeOrg" }
],
"users": [
{ "key": "user_1234",
"action": ["access"],
"userIDs": [
{ "namespace": "email",
"value": "[email protected]",
"type": "standard"
}, {
"namespace": "ECID",
"type":"standard",
"value":"443636576799"
}
],
"include":["Analytics","AudienceManager"]
}
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
GDPR Central Service Architecture
20
Privacy
Service
UI
3rd party
automation
(API Access)
Privacy
Service
API
Adobe I/O
API
Gateway
Kafka
Pipeline
Experience
Cloud Products
…
Potential
Drawbacks in
current API model
Privacy Team
Data Controller
Adobe
Experience
Cloud
Data Processor
Delete
Access
Status
Send GDPR Request
Return response
Privacy Service API
Return response
Return response
Return response
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
Streamline process
with APIs & Cloud
events
22
Serverless compute
to run custom code
that consumes those
Events and
manipulates the APIs
APIs to
manipulate data
and flows
Events to
react in real
time to
system
changes
Adobe I/O Runtime
Adobe I/O
Events
Adobe I/O
API
Gateway
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
How I/O Events work
23
I/O Events Bus
Webhook Journaling API
Event
Consume
r
Privacy
Service (GDPR)
Event
Consume
r
Creative
Cloud
Assets
AEM Events Experienc
e
Events
Data &
Profile
Events
AEM Cloud
Manager
Analytics
Triggers
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
We are compliant!
24
A specification for describing event data in a common way
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
Enables brands to listen for responses thus
cutting down on traffic and noise.
Compliant to Cloud Events spec 0.3
Key message type encoded into the type field
jobcomplete: All solutions have completed their work (if
required), and the overall job status is set to
COMPLETE.
joberror: At least one solution has reported an error and
the overall job status is set to ERROR.
productcomplete: One of the solutions has completed its
work and reported back to the central service.
producterror: One of the solutions has reported back
with an error of some kind.
Privacy Service API Event Response
Example
{
"specversion": "0.3",
"type": "com.adobe.platform.gdpr.jobcompl
ete",
"source": "https://ns.adobe.com/platform/gd
pr", "id": "639fd17a-d0bb-40ca-
83a4…",
"time": "2018-04-05T17:31:00Z",
"data": {
"imsOrg": "A71B5B5B54F607AB
0A4C98A 2@AdobeOrg",
"value":
{
"jobId": "68b2f3df-0bed-42a2-
a21b- 72ac94bf549c",
"message": "success"
}
}
}
© 2019 Adobe. All Rights Reserved. Adobe Confidential.
Thoughtful API
and system
design speed
compliance
Expanding Global
Privacy
Regulations
Event based
systems
streamline
notifications