Web application configuration API - PUT data privacy of a web application

Updates data privacy parameters of the specified web application.

This API only supports web applications. For mobile and custom applications, see Mobile and custom app API.

The request consumes and produces an application/json payload.

PUT	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/applications/web/{id}/dataPrivacy`
PUT	Environment ActiveGate	`https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/applications/web/{id}/dataPrivacy`

Authentication

To execute this request, you need an access token with DataPrivacy scope.

To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter

Type

Description

Required

string

The ID of the web application, where you want to update data privacy settings.

path

required

body

ApplicationDataPrivacy

JSON body of the request, containing new data privacy settings.

body

optional

Request body objects

The `ApplicationDataPrivacy` object

Data privacy settings of the application.

Element

Type

Description

Required

dataCaptureOptInEnabled

boolean

Set to true to disable data capture and cookies until JavaScriptAPI dtrum.enable() is called.

required

doNotTrackBehaviour

string

How to handle the "Do Not Track" header:

IGNORE_DO_NOT_TRACK: ignore the header and capture the data.
CAPTURE_ANONYMIZED: capture the data but do not tie it to the user.
DO_NOT_CAPTURE: respect the header and do not capture.

CAPTURE_ANONYMIZED
DO_NOT_CAPTURE
IGNORE_DO_NOT_TRACK

required

identifier

string

Dynatrace entity ID of the web application.

optional

metadata

ConfigurationMetadata

Metadata useful for debugging

optional

persistentCookieForUserTracking

boolean

Set to true to set persistent cookie in order to recognize returning devices.

required

sessionReplayDataPrivacy

SessionReplayDataPrivacySettings

Data privacy settings for Session Replay.

optional

The `ConfigurationMetadata` object

Metadata useful for debugging

Element

Type

Description

Required

clusterVersion

string

Dynatrace version.

optional

configurationVersions

integer[]

A sorted list of the version numbers of the configuration.

optional

currentConfigurationVersions

string[]

A sorted list of version numbers of the configuration.

optional

The `SessionReplayDataPrivacySettings` object

Data privacy settings for Session Replay.

Element

Type

Description

Required

contentMaskingSettings

SessionReplayContentMaskingSettings

Content masking settings for Session Replay.

For more details, see Configure Session Replay in Dynatrace Documentation.

optional

optInModeEnabled

boolean

If true, session recording is disabled until JavaScriptAPI dtrum.enableSessionReplay() is called.

optional

urlExclusionRules

string[]

A list of URLs to be excluded from recording.

optional

The `SessionReplayContentMaskingSettings` object

Content masking settings for Session Replay.

For more details, see Configure Session Replay in Dynatrace Documentation.

Element

Type

Description

Required

playbackMaskingSettings

SessionReplayMaskingSetting

Configuration of the Session Replay masking.

optional

recordingMaskingSettings

SessionReplayMaskingSetting

Configuration of the Session Replay masking.

optional

recordingMaskingSettingsVersion

integer

The version of the content masking.

You can use this API only with the version 2.

If you're using version 1, set this field to 2 in the PUT request to switch to version 2.

required

The `SessionReplayMaskingSetting` object

Configuration of the Session Replay masking.

Element

Type

Description

Required

maskingPreset

string

The type of the masking:

MASK_ALL: Mask all texts, user input, and images.
MASK_USER_INPUT: Mask all data that is provided through user input
ALLOW_LIST: Only elements, specified in maskingRules are shown, everything else is masked.
BLOCK_LIST: Elements, specified in maskingRules are masked, everything else is shown.

ALLOW_LIST
BLOCK_LIST
MASK_ALL
MASK_USER_INPUT

required

maskingRules

MaskingRule[]

A list of masking rules.

optional

The `MaskingRule` object

The masking rule defining how data is hidden.

Element

Type

Description

Required

maskingRuleType

string

The type of the masking rule.

ATTRIBUTE
ELEMENT

required

selector

string

The selector for the element or the attribute to be masked.

Specify a CSS expression for an element or a regular expression for an attribute.

required

userInteractionHidden

boolean

Interactions with the element are (true) or are not (`false) masked.

required

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

{
  "dataCaptureOptInEnabled": true,
  "doNotTrackBehaviour": "CAPTURE_ANONYMIZED",
  "identifier": "string",
  "metadata": {
    "clusterVersion": "1.192.1",
    "configurationVersions": [
      4,
      2
    ],
    "currentConfigurationVersions": [
      "1.0.4",
      "1.23"
    ]
  },
  "persistentCookieForUserTracking": true,
  "sessionReplayDataPrivacy": {
    "contentMaskingSettings": {
      "playbackMaskingSettings": {
        "maskingPreset": "ALLOW_LIST",
        "maskingRules": [
          {
            "maskingRuleType": "ATTRIBUTE",
            "selector": "string",
            "userInteractionHidden": false
          }
        ]
      },
      "recordingMaskingSettings": {},
      "recordingMaskingSettingsVersion": 2
    },
    "optInModeEnabled": true,
    "urlExclusionRules": [
      "string"
    ]
  }
}

Response

Response codes

Code

Type

Description

204

Success. Data privacy settings have been updated. Response doesn't have a body.

400

ErrorEnvelope

Failed. The input is invalid.

Validate payload

We recommend that you validate the payload before submitting it with an actual request. A response code of 204 indicates a valid payload.

The request consumes an application/json payload.

POST	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/applications/web/{id}/dataPrivacy/validator`
POST	Environment ActiveGate	`https://{your-activegate-domain}:9999/e/{your-environment-id}/api/config/v1/applications/web/{id}/dataPrivacy/validator`

Authentication

To execute this request, you need an access token with DataPrivacy scope.

To learn how to obtain and use it, see Tokens and authentication.

Response

Response codes

Code

Type

Description

204

Validated. The submitted configuration is valid. Response does not have a body.

400

ErrorEnvelope

Failed. The input is invalid.

Web application configuration API - PUT data privacy of a web application

Authentication

Parameters

Request body objects

The ApplicationDataPrivacy object

The ConfigurationMetadata object

The SessionReplayDataPrivacySettings object

The SessionReplayContentMaskingSettings object

The SessionReplayMaskingSetting object

The MaskingRule object

Request body JSON model

Response

Response codes

Validate payload

Authentication

Response

Response codes

The `ApplicationDataPrivacy` object

The `ConfigurationMetadata` object

The `SessionReplayDataPrivacySettings` object

The `SessionReplayContentMaskingSettings` object

The `SessionReplayMaskingSetting` object

The `MaskingRule` object