Developer API
Everything in TruePrivacy is API-first. Use our comprehensive REST API to embed privacy operations into your own products, internal tools, and custom workflows.
Why teams choose Developer API
Complete API Coverage
Every TruePrivacy feature is available via API — DSRs, consent, data maps, and more.
SDKs
Official SDKs for Node.js, Python, Ruby, PHP, Java, and Go.
Webhooks
Subscribe to real-time events and trigger your systems when privacy actions occur.
OpenAPI Spec
Full OpenAPI 3.0 specification for easy integration and type-safe client generation.
Detailed Capabilities
A closer look at what Developer API does inside TruePrivacy.
Complete REST API Coverage
Every TruePrivacy feature — data inventory, DSRs, consent records, vendor assessments, audit logs, workflows — is accessible via the REST API. Build custom privacy operations into any application or internal tool.
Official SDKs
First-party SDKs for Node.js, Python, Ruby, PHP, Java, and Go with full TypeScript typings for Node. SDKs handle authentication, request signing, pagination, and error handling, reducing integration time significantly.
OpenAPI 3.0 Specification
A complete, versioned OpenAPI specification is available for download and at a live documentation URL. Generate type-safe API clients in any language using the spec and your preferred code generation tool.
Webhook Event Subscriptions
Subscribe to any TruePrivacy event type — DSR status changes, new data discovered, consent updates, breach alerts — and receive real-time HTTP callbacks to your endpoint with signed payloads for security verification.
Sandbox Environment
A fully isolated sandbox environment mirrors production with test data so you can develop and test integrations without affecting live compliance data or triggering real notifications.
Comprehensive Documentation
Interactive API documentation with live request examples, code samples in all SDK languages, and a request sandbox where developers can test endpoints directly from the browser without setting up local tooling.
How It Works
From setup to ongoing compliance in a few straightforward steps.
Get Your API Credentials
Generate API keys or configure OAuth 2.0 client credentials from the TruePrivacy developer settings. Separate credentials for sandbox and production environments prevent accidental data modification during development.
Explore the Documentation
Use the interactive API documentation to explore available endpoints, understand request and response schemas, and test calls directly from the browser. Download the OpenAPI spec for client generation.
Build Your Integration
Install the SDK for your language and start calling TruePrivacy APIs from your application. Webhooks subscriptions are set up in the developer settings panel with point-and-click event selection.
Deploy & Monitor
The API usage dashboard shows request volumes, error rates, and latency by endpoint. Webhook delivery logs show the status of every event delivery with retry history for failed deliveries.
What's included
- RESTful JSON API
- OpenAPI 3.0 specification
- Official SDKs for 6 languages
- Webhook event subscriptions
- API key and OAuth 2.0 auth
- Rate limiting and SLA guarantees
Developer API
A powerful REST API to integrate TruePrivacy into any custom application or workflow.
Try it freeFrequently Asked Questions
Common questions about Developer API in TruePrivacy.
The API supports both API key authentication (recommended for server-to-server integrations) and OAuth 2.0 client credentials flow (recommended for applications where users authorize access to their own data). All requests must be made over HTTPS. API keys can be scoped to specific endpoints and permissions.
Rate limits apply per API key and are tiered by plan. Standard plan keys are limited to 1,000 requests per minute. Higher limits are available on Growth and Enterprise plans. The API returns standard rate limit headers so your client can implement appropriate backoff. Burst capacity above the per-minute limit is available for short-lived spikes.
Every webhook delivery includes a signature header computed using HMAC-SHA256 with your webhook signing secret. Verify the signature in your handler before processing the payload. Documentation includes example verification code in all SDK languages.
The TruePrivacy API has a 99.9% uptime SLA on Growth and Enterprise plans. Status and incident history are published at status.trueprivacy.com. Planned maintenance windows are communicated at least 72 hours in advance via email and the status page.
Yes. The DSR API lets you submit requests on behalf of data subjects from your own application — useful if you handle DSR intake in your own portal or receive requests via a CRM integration. Submitted requests enter the same processing queue as portal-submitted requests with full audit trail coverage.
Ready to automate Developer API?
Join hundreds of teams using TruePrivacy to manage privacy operations at scale.