A command line interface that allows you to programatically interact with the Transcend.
- Changelog
- Installation
- transcend.yml
- Usage
transcend request approvetranscend request uploadtranscend request download-filestranscend request canceltranscend request restarttranscend request notify-additional-timetranscend request mark-silenttranscend request enricher-restarttranscend request reject-unverified-identifierstranscend request exporttranscend request skip-preflight-jobstranscend request system mark-request-data-silos-completedtranscend request system retry-request-data-silostranscend request system skip-request-data-silostranscend request preflight pull-identifierstranscend request preflight push-identifierstranscend request cron pull-identifierstranscend request cron mark-identifiers-completedtranscend consent build-xdi-sync-endpointtranscend consent pull-consent-metricstranscend consent pull-consent-preferencestranscend consent update-consent-managertranscend consent upload-consent-preferencestranscend consent upload-cookies-from-csvtranscend consent upload-data-flows-from-csvtranscend consent upload-preferencestranscend inventory pulltranscend inventory pushtranscend inventory scan-packagestranscend inventory discover-silostranscend inventory pull-datapointstranscend inventory pull-unstructured-discovery-filestranscend inventory derive-data-silos-from-data-flowstranscend inventory derive-data-silos-from-data-flows-cross-instancetranscend inventory consent-manager-service-json-to-ymltranscend inventory consent-managers-to-business-entitiestranscend admin generate-api-keystranscend admin chunk-csvtranscend migration sync-ot
- Prompt Manager
- Proxy usage
To stay up to date on breaking changes to the CLI between major version updates, please refer to CHANGELOG.md.
This package is distributed through npm, and assumes an installation of npm and Node.
npm install --global @transcend-io/cli
transcend --helpYou can also run the CLI using npx:
npx -p @transcend-io/cli -- transcend --helpNote
The CLI commands which interact with Transcend's API will default to using Transcend's EU backend. To use these commands with the US backend, you will need to add the flag --transcendUrl=https://api.us.transcend.io. You can also set the environment variable TRANSCEND_API_URL=https://api.us.transcend.io
Within your git repositories, you can define a file transcend.yml. This file allows you define part of your Data Map in code. Using the CLI, you can sync that configuration back to the Transcend Admin Dashboard (https://app.transcend.io/privacy-requests/connected-services).
You can find various examples for your transcend.yml file in the examples/ folder. If you are looking for a starting point to copy and paste, simple.yml is a good place to start. This file is annotated with links and documentations that new members of your team can use if they come across the file.
The API for this YAML file can be found in ./src/codecs.ts under the variable named "TranscendInput". The shape of the YAML file will be type-checked every time a command is run.
By default, your editor or IDE should recognize transcend.yml and validate it against our latest published JSON schema. This is dependent on whether your editor uses yaml-language-server, such as through the VS Code YAML extension.
Your editor will use the latest version's schema. To pin the transcend.yml schema to a previous major version, include this at the top of your file (and change v4 to your target major version):
# yaml-language-server: $schema=https://raw.githubusercontent.com/transcend-io/cli/main/transcend-yml-schema-v4.jsonThe structure of transcend.yml looks something like the following:
# Manage at: https://app.transcend.io/infrastructure/api-keys
# See https://docs.transcend.io/docs/authentication
# Define API keys that may be shared across data silos
# in the data map. When creating new data silos through the YAML
# CLI, it is possible to specify which API key should be associated
# with the newly created data silo.
api-keys:
- title: Webhook Key
- title: Analytics Key
# Manage at: https://app.transcend.io/privacy-requests/identifiers
# See https://docs.transcend.io/docs/identity-enrichment
# Define enricher or pre-flight check webhooks that will be executed
# prior to privacy request workflows. Some examples may include:
# - identity enrichment: look up additional identifiers for that user.
# i.e. map an email address to a user ID
# - fraud check: auto-cancel requests if the user is flagged for fraudulent behavior
# - customer check: auto-cancel request for some custom business criteria
enrichers:
- title: Basic Identity Enrichment
description: Enrich an email address to the userId and phone number
url: https://example.acme.com/transcend-enrichment-webhook
input-identifier: email
output-identifiers:
- userId
- phone
- myUniqueIdentifier
- title: Fraud Check
description: Ensure the email address is not marked as fraudulent
url: https://example.acme.com/transcend-fraud-check
input-identifier: email
output-identifiers:
- email
privacy-actions:
- ERASURE
# Manage at: https://app.transcend.io/privacy-requests/connected-services
# See https://docs.transcend.io/docs/the-data-map#data-silos
# Define the data silos in your data map. A data silo can be a database,
# or a web service that may use a collection of different data stores under the hood.
data-silos:
# Note: title is the only required top-level field for a data silo
- title: Redshift Data Warehouse
description: The mega-warehouse that contains a copy over all SQL backed databases
integrationName: server
url: https://example.acme.com/transcend-webhook
api-key-title: Webhook Key
data-subjects:
- customer
- employee
- newsletter-subscriber
- b2b-contact
identity-keys:
- email
- userId
deletion-dependencies:
- Identity Service
owners:
- [email protected]
datapoints:
- title: Webhook Notification
key: _global
privacy-actions:
- ACCESS
- ERASURE
- SALE_OPT_OUT
- title: User Model
description: The centralized user model user
key: users
privacy-actions:
- ACCESS
fields:
- key: firstName
title: First Name
description: The first name of the user, inputted during onboarding
- key: email
title: Email
description: The email address of the userUSAGE
transcend request approve (--auth value) (--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD) [--origins PRIVACY_CENTER|ADMIN_DASHBOARD|API|SHOPIFY] [--silentModeBefore value] [--createdAtBefore value] [--createdAtAfter value] [--transcendUrl value] [--concurrency value]
transcend request approve --help
Bulk approve a set of privacy requests from the DSR Automation -> Incoming Requests tab.
FLAGS
--auth The Transcend API key. Requires scopes: "Request Approval and Communication", "View Incoming Requests", "Manage Request Compilation"
--actions The request actions to approve [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--origins] The request origins to approve [PRIVACY_CENTER|ADMIN_DASHBOARD|API|SHOPIFY, separator = ,]
[--silentModeBefore] Any requests made before this date should be marked as silent mode
[--createdAtBefore] Approve requests that were submitted before this time
[--createdAtAfter] Approve requests that were submitted after this time
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 50]
-h --help Print help information and exitBulk approve all SALE_OPT_OUT and ERASURE requests
transcend request approve --auth="$TRANSCEND_API_KEY" --actions=SALE_OPT_OUT,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request approve --auth="$TRANSCEND_API_KEY" --actions=ERASURE --transcendUrl=https://api.us.transcend.ioApprove all Erasure requests that came through the API
transcend request approve --auth="$TRANSCEND_API_KEY" --actions=ERASURE --origins=APIApprove all requests, but mark any request made before 05/03/2023 as silent mode to prevent emailing those requests
transcend request approve \
--auth="$TRANSCEND_API_KEY" \
--actions=SALE_OPT_OUT \
--silentModeBefore=2024-05-03T00:00:00.000ZIncrease the concurrency (defaults to 50)
transcend request approve --auth="$TRANSCEND_API_KEY" --actions=ERASURE --concurrency=100Approve ERASURE requests created within a specific time frame
transcend request approve \
--auth="$TRANSCEND_API_KEY" \
--actions=SALE_OPT_OUT \
--createdAtBefore=2024-05-03T00:00:00.000Z \
--createdAtAfter=2024-04-03T00:00:00.000ZUSAGE
transcend request upload (--auth value) [--file value] [--transcendUrl value] [--cacheFilepath value] [--requestReceiptFolder value] [--sombraAuth value] [--concurrency value] [--attributes value] [--isTest] [--isSilent] [--skipSendingReceipt] [--emailIsVerified] [--skipFilterStep] [--dryRun] [--debug] [--defaultPhoneCountryCode value]
transcend request upload --help
Upload a set of requests from a CSV.
This command prompts you to map the shape of the CSV to the shape of the Transcend API. There is no requirement for the shape of the incoming CSV, as the script will handle the mapping process.
The script will also produce a JSON cache file that allows for the mappings to be preserved between runs.
FLAGS
--auth The Transcend API key. Requires scopes: "Submit New Data Subject Request", "View Identity Verification Settings", "View Global Attributes"
[--file] Path to the CSV file of requests to upload [default = ./requests.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--cacheFilepath] The path to the JSON file encoding the metadata used to map the CSV shape to Transcend API [default = ./transcend-privacy-requests-cache.json]
[--requestReceiptFolder] The path to the folder where receipts of each upload are stored [default = ./privacy-request-upload-receipts]
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--concurrency] The concurrency to use when uploading requests in parallel [default = 50]
[--attributes] Tag all of the requests with the following attributes. Format: key1:value1;value2,key2:value3;value4 [default = Tags:transcend-cli]
[--isTest] Flag whether the requests being uploaded are test requests or regular requests [default = false]
[--isSilent/--noIsSilent] Flag whether the requests being uploaded should be submitted in silent mode [default = true]
[--skipSendingReceipt] Flag whether to skip sending of the receipt email [default = false]
[--emailIsVerified/--noEmailIsVerified] Indicate whether the email address being uploaded is pre-verified. Set to false to send a verification email [default = true]
[--skipFilterStep] When true, skip the interactive step to filter down the CSV [default = false]
[--dryRun] When true, perform a dry run of the upload instead of calling the API to submit the requests [default = false]
[--debug] Debug logging [default = false]
[--defaultPhoneCountryCode] When uploading phone numbers, if the phone number is missing a country code, assume this country code [default = 1]
-h --help Print help information and exitSee a demo of the interactive mapping processbelow (note: the command is slightly different from the one shown in the video, but the arguments are the same.)
cli-upload-requests-720.mov
Upload requests from a CSV file
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csvFor self-hosted sombras that use an internal key
transcend request upload \
--auth="$TRANSCEND_API_KEY" \
--sombraAuth="$SOMBRA_INTERNAL_KEY" \
--file=/Users/transcend/Desktop/test.csvRun without being prompted to filter requests
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --skipFilterStepPerform a dry run to see what will be uploaded, without calling the Transcend API
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --dryRunMark the uploaded requests as test requests
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --isTestSend email communications to the users throughout the request lifecycle
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --isSilent=falseUpload requests without sending initial email receipt, but still send later emails
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --skipSendingReceiptIncrease the concurrency (defaults to 50)
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --concurrency=100Specify default country code for phone numbers
transcend request upload \
--auth="$TRANSCEND_API_KEY" \
--file=/Users/transcend/Desktop/test.csv \
--defaultPhoneCountryCode=44Include debug logs - warning, this logs out personal data
transcend request upload --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csv --debugSpecifying the backend URL, needed for US hosted backend infrastructure
transcend request upload \
--auth="$TRANSCEND_API_KEY" \
--sombraAuth="$SOMBRA_INTERNAL_KEY" \
--file=/Users/transcend/Desktop/test.csv \
--transcendUrl=https://api.us.transcend.ioSend email verification to user before request continues
transcend request upload \
--auth="$TRANSCEND_API_KEY" \
--file=/Users/transcend/Desktop/test.csv \
--isSilent=false \
--emailIsVerified=falseTag all uploaded requests with custom fields (formerly known as "attributes")
transcend request upload \
--auth="$TRANSCEND_API_KEY" \
--file=/Users/transcend/Desktop/test.csv \
--attributes=Tags:transcend-cli;my-customer-tag,Customer:acme-corpUSAGE
transcend request download-files (--auth value) [--sombraAuth value] [--concurrency value] [--requestIds value]... [--statuses REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED] [--folderPath value] [--createdAtBefore value] [--createdAtAfter value] [--approveAfterDownload] [--transcendUrl value]
transcend request download-files --help
Download the files associated with a Data Subject Access Request (DSAR) from DSR Automation -> Incoming Requests tab.
FLAGS
--auth The Transcend API key. Requires scopes: "View the Request Compilation", "View Incoming Requests", "Request Approval and Communication"
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--concurrency] The concurrency to use when downloading requests in parallel [default = 10]
[--requestIds]... Specify the specific request IDs to download [separator = ,]
[--statuses] The request statuses to download. Comma-separated list. Defaults to APPROVING,DOWNLOADABLE. [REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED, separator = ,]
[--folderPath] The folder to download files to [default = ./dsr-files]
[--createdAtBefore] Download requests that were submitted before this time
[--createdAtAfter] Download requests that were submitted after this time
[--approveAfterDownload] If the request is in status=APPROVING, approve the request after its downloaded [default = false]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitDownload the files associated with a Data Subject Access Request (DSAR) from DSR Automation -> Incoming Requests tab.
Download all requests in status=APPROVING or status=DOWNLOADABLE
transcend request download-files --auth="$TRANSCEND_API_KEY"Specifying the backend URL, needed for US hosted backend infrastructure
transcend request download-files --auth="$TRANSCEND_API_KEY" --transcendUrl=https://api.us.transcend.ioWrite files to a specific folder on disk
transcend request download-files --auth="$TRANSCEND_API_KEY" --folderPath=./my-folderAuto approve after download
transcend request download-files --auth="$TRANSCEND_API_KEY" --approveAfterDownloadDownload requests in APPROVING state only
transcend request download-files --auth="$TRANSCEND_API_KEY" --statuses=APPROVINGIncrease the concurrency (defaults to 10)
transcend request download-files --auth="$TRANSCEND_API_KEY" --concurrency=100Download requests in a timeframe
transcend request download-files \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-05-03T00:00:00.000Z \
--createdAtAfter=2024-04-03T00:00:00.000ZDownload specific requests
transcend request download-files \
--auth="$TRANSCEND_API_KEY" \
--requestIds=b8c2ce13-9e40-4104-af79-23c68f2a87ba,d5eedc52-0f85-4034-bc01-14951acad5aaUSAGE
transcend request cancel (--auth value) (--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD) [--statuses REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED] [--requestIds value]... [--silentModeBefore value] [--createdAtBefore value] [--createdAtAfter value] [--cancellationTitle value] [--transcendUrl value] [--concurrency value]
transcend request cancel --help
Bulk cancel a set of privacy requests from the DSR Automation -> Incoming Requests tab.
FLAGS
--auth The Transcend API key. Requires scopes: "View Incoming Requests", "Request Approval and Communication"
--actions The request actions to cancel [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--statuses] The request statuses to cancel. Comma-separated list. [REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED, separator = ,]
[--requestIds]... Specify the specific request IDs to cancel [separator = ,]
[--silentModeBefore] Any requests made before this date should be marked as silent mode for canceling to skip email sending
[--createdAtBefore] Cancel requests that were submitted before this time
[--createdAtAfter] Cancel requests that were submitted after this time
[--cancellationTitle] The title of the email template that should be sent to the requests upon cancelation [default = Request Canceled]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 50]
-h --help Print help information and exitBulk cancel all open SALE_OPT_OUT and ERASURE requests
transcend request cancel --auth="$TRANSCEND_API_KEY" --actions=SALE_OPT_OUT,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request cancel --auth="$TRANSCEND_API_KEY" --actions=ERASURE --transcendUrl=https://api.us.transcend.ioBulk cancel all Erasure (request.type=ERASURE) requests that are in an enriching state (request.status=ENRICHING)
transcend request cancel --auth="$TRANSCEND_API_KEY" --actions=ERASURE --statuses=ENRICHINGSend a specific email template to the request that are being canceled
transcend request cancel --auth="$TRANSCEND_API_KEY" --actions=ERASURE --cancellationTitle="Custom Email Template"Cancel all open SALE_OPT_OUT, but mark any request made before 05/03/2023 as silent mode to prevent emailing those requests
transcend request cancel \
--auth="$TRANSCEND_API_KEY" \
--actions=SALE_OPT_OUT \
--silentModeBefore=2024-05-03T00:00:00.000ZCancel all open SALE_OPT_OUT, within a specific time frame
transcend request cancel \
--auth="$TRANSCEND_API_KEY" \
--actions=SALE_OPT_OUT \
--createdAtBefore=2024-05-03T00:00:00.000Z \
--createdAtAfter=2024-04-03T00:00:00.000ZIncrease the concurrency (defaults to 50)
transcend request cancel --auth="$TRANSCEND_API_KEY" --actions=ERASURE --concurrency=500Bulk cancel requests by ID
transcend request cancel \
--auth="$TRANSCEND_API_KEY" \
--actions=ACCESS,ERASURE,SALE_OPT_OUT,CONTACT_OPT_OUT \
--statuses=ENRICHING,COMPILING,APPROVING,WAITING,REQUEST_MADE,ON_HOLD,DELAYED,SECONDARY \
--requestIds=c3ae78c9-2768-4666-991a-d2f729503337,342e4bd1-64ea-4af0-a4ad-704b5a07cfe4USAGE
transcend request restart (--auth value) (--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD) (--statuses REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED) [--transcendUrl value] [--requestReceiptFolder value] [--sombraAuth value] [--concurrency value] [--requestIds value]... [--emailIsVerified] [--createdAt value] [--silentModeBefore value] [--createdAtBefore value] [--createdAtAfter value] [--sendEmailReceipt] [--copyIdentifiers] [--skipWaitingPeriod]
transcend request restart --help
Bulk update a set of privacy requests based on a set of request filters.
FLAGS
--auth The Transcend API key. Requires scopes: "Submit New Data Subject Request", "View the Request Compilation"
--actions The request actions to restart [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
--statuses The request statuses to restart [REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED, separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--requestReceiptFolder] The path to the folder where receipts of each upload are stored [default = ./privacy-request-upload-receipts]
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--concurrency] The concurrency to use when uploading requests in parallel [default = 15]
[--requestIds]... Specify the specific request IDs to restart [separator = ,]
[--emailIsVerified/--noEmailIsVerified] Indicate whether the primary email address is verified. Set to false to send a verification email [default = true]
[--createdAt] Restart requests that were submitted before a specific date
[--silentModeBefore] Requests older than this date should be marked as silent mode
[--createdAtBefore] Restart requests that were submitted before this time
[--createdAtAfter] Restart requests that were submitted after this time
[--sendEmailReceipt] Send email receipts to the restarted requests [default = false]
[--copyIdentifiers] Copy over all enriched identifiers from the initial request [default = false]
[--skipWaitingPeriod] Skip queued state of request and go straight to compiling [default = false]
-h --help Print help information and exitRestart requests with specific statuses and actions
transcend request restart --auth="$TRANSCEND_API_KEY" --statuses=COMPILING,ENRICHING --actions=ACCESS,ERASUREFor self-hosted sombras that use an internal key
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--sombraAuth="$SOMBRA_INTERNAL_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--sombraAuth="$SOMBRA_INTERNAL_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--transcendUrl=https://api.us.transcend.ioIncrease the concurrency (defaults to 15)
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--concurrency=100Re-verify emails
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--emailIsVerified=falseRestart specific requests by ID
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--requestIds=c3ae78c9-2768-4666-991a-d2f729503337,342e4bd1-64ea-4af0-a4ad-704b5a07cfe4Restart requests that were submitted before a specific date
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--createdAt=2024-05-11T00:00:00.000ZRestart requests and place everything in silent mode submitted before a certain date
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--silentModeBefore=2024-12-05T00:00:00.000ZRestart requests within a specific timeframe
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--createdAtBefore=2024-04-05T00:00:00.000Z \
--createdAtAfter=2024-02-21T00:00:00.000ZSend email receipts to the restarted requests
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--sendEmailReceiptCopy over all enriched identifiers from the initial request
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--copyIdentifiersSkip queued state of request and go straight to compiling
transcend request restart \
--auth="$TRANSCEND_API_KEY" \
--statuses=COMPILING,ENRICHING \
--actions=ACCESS,ERASURE \
--skipWaitingPeriodUSAGE
transcend request notify-additional-time (--auth value) (--createdAtBefore value) [--createdAtAfter value] [--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD] [--daysLeft value] [--days value] [--requestIds value]... [--emailTemplate value] [--transcendUrl value] [--concurrency value]
transcend request notify-additional-time --help
Bulk notify a set of privacy requests from the DSR Automation -> Incoming Requests tab that more time is needed to complete the request. Note any request in silent mode will not be emailed.
FLAGS
--auth The Transcend API key. Requires scopes: "View Incoming Requests", "Request Approval and Communication"
--createdAtBefore Notify requests that are open but submitted before this time
[--createdAtAfter] Notify requests that are open but submitted after this time
[--actions] The request actions to notify [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--daysLeft] Only notify requests that have less than this number of days until they are considered expired [default = 10]
[--days] The number of days to adjust the expiration of the request to [default = 45]
[--requestIds]... Specify the specific request IDs to notify [separator = ,]
[--emailTemplate] The title of the email template that should be sent to the requests [default = Additional Time Needed]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 50]
-h --help Print help information and exitNotify all request types that were made before 01/01/2024
transcend request notify-additional-time --auth="$TRANSCEND_API_KEY" --createdAtBefore=2024-01-01T00:00:00.000ZNotify all request types that were made during a date range
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--createdAtAfter=2024-12-15T00:00:00.000ZNotify certain request types
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--actions=SALE_OPT_OUT,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--transcendUrl=https://api.us.transcend.ioBulk notify requests by ID
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--requestIds=c3ae78c9-2768-4666-991a-d2f729503337,342e4bd1-64ea-4af0-a4ad-704b5a07cfe4Only notify requests that are expiring in the next 3 days or less
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--daysLeft=3Change number of days to extend request by
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--days=30Send a specific email template to the request that instead of the default
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--emailTemplate="Custom Email Template"Increase the concurrency (defaults to 50)
transcend request notify-additional-time \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-01-01T00:00:00.000Z \
--concurrency=500USAGE
transcend request mark-silent (--auth value) (--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD) [--statuses REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED] [--requestIds value]... [--createdAtBefore value] [--createdAtAfter value] [--transcendUrl value] [--concurrency value]
transcend request mark-silent --help
Bulk update a set of privacy requests from the DSR Automation -> Incoming Requests tab to be in silent mode.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--actions The request actions to mark silent [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--statuses] The request statuses to mark silent. Comma-separated list. Defaults to REQUEST_MADE,WAITING,ENRICHING,COMPILING,DELAYED,APPROVING,SECONDARY,SECONDARY_APPROVING. [REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED, separator = ,]
[--requestIds]... Specify the specific request IDs to mark silent [separator = ,]
[--createdAtBefore] Mark silent requests that were submitted before this time
[--createdAtAfter] Mark silent requests that were submitted after this time
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 50]
-h --help Print help information and exitBulk mark silent all open SALE_OPT_OUT and ERASURE requests
transcend request mark-silent --auth="$TRANSCEND_API_KEY" --actions=SALE_OPT_OUT,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request mark-silent \
--auth="$TRANSCEND_API_KEY" \
--actions=ERASURE \
--transcendUrl=https://api.us.transcend.ioBulk mark as silent all Erasure (request.type=ERASURE) requests that are in an enriching state (request.status=ENRICHING)
transcend request mark-silent --auth="$TRANSCEND_API_KEY" --actions=ERASURE --statuses=ENRICHINGBulk mark as silent requests by ID
transcend request mark-silent \
--auth="$TRANSCEND_API_KEY" \
--actions=ACCESS,ERASURE,SALE_OPT_OUT,CONTACT_OPT_OUT \
--statuses=ENRICHING,COMPILING,APPROVING,WAITING,REQUEST_MADE,ON_HOLD,DELAYED,SECONDARY \
--requestIds=c3ae78c9-2768-4666-991a-d2f729503337,342e4bd1-64ea-4af0-a4ad-704b5a07cfe4Mark sale opt out requests as silent within a certain date range
transcend request mark-silent \
--auth="$TRANSCEND_API_KEY" \
--actions=SALE_OPT_OUT \
--createdAtBefore=2024-05-03T00:00:00.000Z \
--createdAtAfter=2024-04-03T00:00:00.000ZIncrease the concurrency (defaults to 50)
transcend request mark-silent --auth="$TRANSCEND_API_KEY" --actions=ERASURE --concurrency=500USAGE
transcend request enricher-restart (--auth value) (--enricherId value) [--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD] [--requestEnricherStatuses QUEUED|WAITING|SKIPPED|ERROR|RESOLVED|ACTION_REQUIRED|REMOTE_PROCESSING|WAITING_ON_DEPENDENCIES|POLLING] [--transcendUrl value] [--concurrency value] [--requestIds value]... [--createdAtBefore value] [--createdAtAfter value]
transcend request enricher-restart --help
Bulk restart a particular enricher across a series of DSRs.
The API key needs the following scopes:
- Manage Request Compilation
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--enricherId The ID of the enricher to restart
[--actions] The request action to restart [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--requestEnricherStatuses] The request enricher statuses to restart [QUEUED|WAITING|SKIPPED|ERROR|RESOLVED|ACTION_REQUIRED|REMOTE_PROCESSING|WAITING_ON_DEPENDENCIES|POLLING, separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 15]
[--requestIds]... Specify the specific request IDs to restart [separator = ,]
[--createdAtBefore] Restart requests that were submitted before this time
[--createdAtAfter] Restart requests that were submitted after this time
-h --help Print help information and exitRestart a particular enricher across a series of DSRs
transcend request enricher-restart --auth="$TRANSCEND_API_KEY" --enricherId=3be5e898-fea9-4614-84de-88cd5265c557Restart specific request types
transcend request enricher-restart \
--auth="$TRANSCEND_API_KEY" \
--enricherId=3be5e898-fea9-4614-84de-88cd5265c557 \
--actions=ACCESS,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request enricher-restart \
--auth="$TRANSCEND_API_KEY" \
--enricherId=3be5e898-fea9-4614-84de-88cd5265c557 \
--transcendUrl=https://api.us.transcend.ioIncrease the concurrency (defaults to 15)
transcend request enricher-restart \
--auth="$TRANSCEND_API_KEY" \
--enricherId=3be5e898-fea9-4614-84de-88cd5265c557 \
--concurrency=100Restart requests within a specific timeframe
transcend request enricher-restart \
--auth="$TRANSCEND_API_KEY" \
--enricherId=3be5e898-fea9-4614-84de-88cd5265c557 \
--createdAtBefore=2024-04-05T00:00:00.000Z \
--createdAtAfter=2024-02-21T00:00:00.000ZRestart requests that are in an error state
transcend request enricher-restart \
--auth="$TRANSCEND_API_KEY" \
--enricherId=3be5e898-fea9-4614-84de-88cd5265c557 \
--requestEnricherStatuses=ERRORUSAGE
transcend request reject-unverified-identifiers (--auth value) (--identifierNames value)... [--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD] [--transcendUrl value]
transcend request reject-unverified-identifiers --help
Bulk clear out any request identifiers that are unverified.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--identifierNames... The names of identifiers to clear out [separator = ,]
[--actions] The request action to restart [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitBulk clear out any request identifiers that are unverified
transcend request reject-unverified-identifiers --auth="$TRANSCEND_API_KEY" --identifierNames=phoneRestart specific request types
transcend request reject-unverified-identifiers \
--auth="$TRANSCEND_API_KEY" \
--identifierNames=phone \
--actions=ACCESS,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request reject-unverified-identifiers \
--auth="$TRANSCEND_API_KEY" \
--identifierNames=phone \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend request export (--auth value) [--sombraAuth value] [--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD] [--statuses REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED] [--transcendUrl value] [--file value] [--concurrency value] [--skipRequestIdentifiers] [--createdAtBefore value] [--createdAtAfter value] [--showTests] [--pageLimit value]
transcend request export --help
Export privacy requests and request identifiers to a CSV file.
FLAGS
--auth The Transcend API key. Requires scopes: "View Incoming Requests", "View the Request Compilation"
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--actions] The request actions to export [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--statuses] The request statuses to export [REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED, separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--file] Path to the CSV file where identifiers will be written to [default = ./transcend-request-export.csv]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 50]
[--skipRequestIdentifiers/--noSkipRequestIdentifiers] Skip exporting request identifiers
[--createdAtBefore] Pull requests that were submitted before this time
[--createdAtAfter] Pull requests that were submitted after this time
[--showTests/--noShowTests] Filter for test requests or production requests - when not provided, pulls both
[--pageLimit] The page limit to use when pulling in pages of requests [default = 100]
-h --help Print help information and exitPull all requests
transcend request export --auth="$TRANSCEND_API_KEY"Filter for specific actions and statuses
transcend request export --auth="$TRANSCEND_API_KEY" --statuses=COMPILING,ENRICHING --actions=ACCESS,ERASURESpecifying the backend URL, needed for US hosted backend infrastructure
transcend request export --auth="$TRANSCEND_API_KEY" --transcendUrl=https://api.us.transcend.ioWith Sombra authentication
transcend request export --auth="$TRANSCEND_API_KEY" --sombraAuth="$SOMBRA_INTERNAL_KEY"Increase the concurrency (defaults to 100)
transcend request export --auth="$TRANSCEND_API_KEY" --concurrency=500Filter for production requests only
transcend request export --auth="$TRANSCEND_API_KEY" --showTests=falseFilter for requests within a date range
transcend request export \
--auth="$TRANSCEND_API_KEY" \
--createdAtBefore=2024-04-05T00:00:00.000Z \
--createdAtAfter=2024-02-21T00:00:00.000ZWrite to a specific file location
transcend request export --auth="$TRANSCEND_API_KEY" --file=./path/to/file.csvSkip fetching request identifiers
transcend request export --auth="$TRANSCEND_API_KEY" --skipRequestIdentifiersUSAGE
transcend request skip-preflight-jobs (--auth value) (--enricherIds value)... [--transcendUrl value]
transcend request skip-preflight-jobs --help
This command allows for bulk skipping preflight checks.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--enricherIds... The ID of the enrichers to skip privacy request jobs for [separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitBulk skipping preflight checks
transcend request skip-preflight-jobs --auth="$TRANSCEND_API_KEY" --enricherIds=70810f2e-cf90-43f6-9776-901a5950599fSpecifying the backend URL, needed for US hosted backend infrastructure
transcend request skip-preflight-jobs \
--auth="$TRANSCEND_API_KEY" \
--enricherIds=70810f2e-cf90-43f6-9776-901a5950599f,db1e64ba-cea6-43ff-ad27-5dc8122e5224 \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend request system mark-request-data-silos-completed (--auth value) (--dataSiloId value) [--file value] [--transcendUrl value]
transcend request system mark-request-data-silos-completed --help
This command takes in a CSV of Request IDs as well as a Data Silo ID and marks all associated privacy request jobs as completed.
This command is useful with the "Bulk Response" UI. The CSV is expected to have 1 column named "Request Id".
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--dataSiloId The ID of the data silo to pull in
[--file] Path to the CSV file where identifiers will be written to. The CSV is expected to have 1 column named "Request Id". [default = ./request-identifiers.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitMark all associated privacy request jobs as completed
transcend request system mark-request-data-silos-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599fPull to a specific file location
transcend request system mark-request-data-silos-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--file=/Users/transcend/Desktop/test.csvSpecifying the backend URL, needed for US hosted backend infrastructure
transcend request system mark-request-data-silos-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend request system retry-request-data-silos (--auth value) (--dataSiloId value) (--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD) [--transcendUrl value]
transcend request system retry-request-data-silos --help
This command allows for bulk restarting a set of data silos jobs for open privacy requests. This is equivalent to clicking the "Wipe and Retry" button for a particular data silo across a set of privacy requests.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--dataSiloId The ID of the data silo to pull in
--actions The request actions to restart [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitBulk restarting a set of data silos jobs for open privacy requests
transcend request system retry-request-data-silos \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ACCESSSpecifying the backend URL, needed for US hosted backend infrastructure
transcend request system retry-request-data-silos \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ACCESS \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend request system skip-request-data-silos (--auth value) (--dataSiloId value) [--transcendUrl value] (--statuses REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED) [--status SKIPPED|RESOLVED]
transcend request system skip-request-data-silos --help
This command allows for bulk skipping all open privacy request jobs for a particular data silo. This command is useful if you want to disable a data silo and then clear out any active privacy requests that are still queued up for that data silo.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Compilation"
--dataSiloId The ID of the data silo to skip privacy request jobs for
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
--statuses The request statuses to skip [REQUEST_MADE|FAILED_VERIFICATION|ENRICHING|ON_HOLD|WAITING|COMPILING|APPROVING|DELAYED|COMPLETED|DOWNLOADABLE|VIEW_CATEGORIES|CANCELED|SECONDARY|SECONDARY_COMPLETED|SECONDARY_APPROVING|REVOKED, separator = ,]
[--status] The status to set the request data silo job to [SKIPPED|RESOLVED, default = SKIPPED]
-h --help Print help information and exitBulk skipping all open privacy request jobs for a particular data silo
transcend request system skip-request-data-silos \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--statuses=COMPILING,SECONDARYSpecifying the backend URL, needed for US hosted backend infrastructure
transcend request system skip-request-data-silos \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--transcendUrl=https://api.us.transcend.io \
--statuses=COMPILING,SECONDARYOnly mark as completed requests in "removing data" phase
transcend request system skip-request-data-silos \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--statuses=SECONDARYSet to status "RESOLVED" instead of status "SKIPPED"
transcend request system skip-request-data-silos \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--statuses=COMPILING,SECONDARY \
--status=RESOLVEDUSAGE
transcend request preflight pull-identifiers (--auth value) [--sombraAuth value] [--transcendUrl value] [--file value] [--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD] [--concurrency value]
transcend request preflight pull-identifiers --help
This command pulls down the set of privacy requests that are currently pending manual enrichment.
This is useful for the following workflow:
1. Pull identifiers to CSV:
transcend request preflight pull-identifiers --file=./enrichment-requests.csv
2. Fill out the CSV with additional identifiers
3. Push updated back to Transcend:
transcend request preflight push-identifiers --file=./enrichment-requests.csv
FLAGS
--auth The Transcend API key. Requires scopes: "View Incoming Requests", "View the Request Compilation"
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--file] Path to the CSV file where requests will be written to [default = ./manual-enrichment-identifiers.csv]
[--actions] The request actions to pull for [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 100]
-h --help Print help information and exitPull down the set of privacy requests that are currently pending manual enrichment
transcend request preflight pull-identifiers --auth="$TRANSCEND_API_KEY"Pull to a specific file location
transcend request preflight pull-identifiers --auth="$TRANSCEND_API_KEY" --file=/Users/transcend/Desktop/test.csvFor specific types of requests
transcend request preflight pull-identifiers --auth="$TRANSCEND_API_KEY" --actions=ACCESS,ERASUREFor US hosted infrastructure
transcend request preflight pull-identifiers --auth="$TRANSCEND_API_KEY" --transcendUrl=https://api.us.transcend.ioWith Sombra authentication
transcend request preflight pull-identifiers --auth="$TRANSCEND_API_KEY" --sombraAuth="$SOMBRA_INTERNAL_KEY"With specific concurrency
transcend request preflight pull-identifiers --auth="$TRANSCEND_API_KEY" --concurrency=200USAGE
transcend request preflight push-identifiers (--auth value) (--enricherId value) [--sombraAuth value] [--transcendUrl value] [--file value] [--markSilent] [--concurrency value]
transcend request preflight push-identifiers --help
This command push up a set of identifiers for a set of requests pending manual enrichment.
This is useful for the following workflow:
1. Pull identifiers to CSV:
transcend request preflight pull-identifiers --file=./enrichment-requests.csv
2. Fill out the CSV with additional identifiers
3. Push updated back to Transcend:
transcend request preflight push-identifiers --file=./enrichment-requests.csv
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Request Identity Verification", "Manage Request Compilation"
--enricherId The ID of the Request Enricher to upload to
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--file] Path to the CSV file where requests will be written to [default = ./manual-enrichment-identifiers.csv]
[--markSilent] When true, set requests into silent mode before enriching [default = false]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 100]
-h --help Print help information and exitPush up a set of identifiers for a set of requests pending manual enrichment
transcend request preflight push-identifiers \
--auth="$TRANSCEND_API_KEY" \
--enricherId=27d45a0d-7d03-47fa-9b30-6d697005cfcfPull to a specific file location
transcend request preflight push-identifiers \
--auth="$TRANSCEND_API_KEY" \
--enricherId=27d45a0d-7d03-47fa-9b30-6d697005cfcf \
--file=/Users/transcend/Desktop/test.csvFor US hosted infrastructure
transcend request preflight push-identifiers \
--auth="$TRANSCEND_API_KEY" \
--enricherId=27d45a0d-7d03-47fa-9b30-6d697005cfcf \
--transcendUrl=https://api.us.transcend.ioWith Sombra authentication
transcend request preflight push-identifiers \
--auth="$TRANSCEND_API_KEY" \
--enricherId=27d45a0d-7d03-47fa-9b30-6d697005cfcf \
--sombraAuth="$SOMBRA_INTERNAL_KEY"With specific concurrency
transcend request preflight push-identifiers \
--auth="$TRANSCEND_API_KEY" \
--enricherId=27d45a0d-7d03-47fa-9b30-6d697005cfcf \
--concurrency=200When enriching requests, mark all requests as silent mode before processing
transcend request preflight push-identifiers \
--auth="$TRANSCEND_API_KEY" \
--enricherId=27d45a0d-7d03-47fa-9b30-6d697005cfcf \
--markSilentUSAGE
transcend request cron pull-identifiers (--auth value) (--dataSiloId value) (--actions AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD) [--file value] [--transcendUrl value] [--sombraAuth value] [--pageLimit value] [--skipRequestCount] [--chunkSize value]
transcend request cron pull-identifiers --help
If you are using the cron job integration, you can run this command to pull the outstanding identifiers for the data silo to a CSV.
For large datasets, the output will be automatically split into multiple CSV files to avoid file system size limits. Use the --chunkSize parameter to control the maximum number of rows per file.
Read more at https://docs.transcend.io/docs/integrations/cron-job-integration.
FLAGS
--auth The Transcend API key. This key must be associated with the data silo(s) being operated on. No scopes are required for this command.
--dataSiloId The ID of the data silo to pull in
--actions The request actions to restart [AUTOMATED_DECISION_MAKING_OPT_OUT|USE_OF_SENSITIVE_INFORMATION_OPT_OUT|CONTACT_OPT_OUT|SALE_OPT_OUT|TRACKING_OPT_OUT|CUSTOM_OPT_OUT|AUTOMATED_DECISION_MAKING_OPT_IN|USE_OF_SENSITIVE_INFORMATION_OPT_IN|SALE_OPT_IN|TRACKING_OPT_IN|CONTACT_OPT_IN|CUSTOM_OPT_IN|ACCESS|ERASURE|RECTIFICATION|RESTRICTION|BUSINESS_PURPOSE|PLACE_ON_LEGAL_HOLD|REMOVE_FROM_LEGAL_HOLD, separator = ,]
[--file] Path to the CSV file where identifiers will be written to [default = ./cron-identifiers.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--pageLimit] The page limit to use when pulling in pages of identifiers [default = 100]
[--skipRequestCount] Whether to skip the count of all outstanding requests. This is required to render the progress bar, but can take a long time to run if you have a large number of outstanding requests to process. In that case, we recommend setting skipRequestCount=true so that you can still proceed with fetching the identifiers [default = false]
[--chunkSize] Maximum number of rows per CSV file. For large datasets, the output will be automatically split into multiple files to avoid file system size limits. Each file will contain at most this many rows [default = 10000]
-h --help Print help information and exitPull outstanding identifiers for a data silo
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASUREPull to a specific file location
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASURE \
--file=/Users/transcend/Desktop/test.csvFor self-hosted sombras that use an internal key
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASURE \
--sombraAuth="$SOMBRA_INTERNAL_KEY"Specifying the backend URL, needed for US hosted backend infrastructure
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASURE \
--transcendUrl=https://api.us.transcend.ioSpecifying the page limit, defaults to 100
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASURE \
--pageLimit=300 \
--chunkSize=6000Specifying the chunk size for large datasets to avoid file size limits (defaults to 100,000 rows per file)
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASURE \
--chunkSize=50000USAGE
transcend request cron mark-identifiers-completed (--auth value) (--dataSiloId value) [--file value] [--transcendUrl value] [--sombraAuth value]
transcend request cron mark-identifiers-completed --help
This command takes the output of "transcend request cron pull-identifiers" and notifies Transcend that all of the requests in the CSV have been processed.
This is used in the workflow like:
1. Pull identifiers to CSV:
transcend request cron pull-identifiers \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--actions=ERASURE \
--file=./outstanding-requests.csv
2. Run your process to operate on that CSV of requests.
3. Notify Transcend of completion
transcend request cron mark-identifiers-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--file=./outstanding-requests.csv
Read more at https://docs.transcend.io/docs/integrations/cron-job-integration.
FLAGS
--auth The Transcend API key. This key must be associated with the data silo(s) being operated on. No scopes are required for this command.
--dataSiloId The ID of the data silo to pull in
[--file] Path to the CSV file where identifiers will be written to [default = ./cron-identifiers.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
-h --help Print help information and exitMark identifiers as completed
transcend request cron mark-identifiers-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599fPull to a specific file location
transcend request cron mark-identifiers-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--file=/Users/transcend/Desktop/test.csvFor self-hosted sombras that use an internal key
transcend request cron mark-identifiers-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--sombraAuth="$SOMBRA_INTERNAL_KEY"Specifying the backend URL, needed for US hosted backend infrastructure
transcend request cron mark-identifiers-completed \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=70810f2e-cf90-43f6-9776-901a5950599f \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend consent build-xdi-sync-endpoint (--auth value) (--xdiLocation value) [--file value] [--removeIpAddresses] [--domainBlockList value] [--xdiAllowedCommands value] [--transcendUrl value]
transcend consent build-xdi-sync-endpoint --help
This command allows for building of the XDI Sync Endpoint across a set of Transcend accounts.
FLAGS
--auth The Transcend API key. Requires scopes: "View Consent Manager"
--xdiLocation The location of the XDI that will be loaded by the generated sync endpoint
[--file] The HTML file path where the sync endpoint should be written [default = ./sync-endpoint.html]
[--removeIpAddresses/--noRemoveIpAddresses] When true, remove IP addresses from the domain list [default = true]
[--domainBlockList] The set of domains that should be excluded from the sync endpoint. Comma-separated list. [default = localhost]
[--xdiAllowedCommands] The allowed set of XDI commands [default = ConsentManager:Sync]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitBuild XDI sync endpoint
transcend consent build-xdi-sync-endpoint --auth="$TRANSCEND_API_KEY" --xdiLocation=https://cdn.your-site.com/xdi.jsSpecifying the backend URL, needed for US hosted backend infrastructure
transcend consent build-xdi-sync-endpoint \
--auth="$TRANSCEND_API_KEY" \
--xdiLocation=https://cdn.your-site.com/xdi.js \
--transcendUrl=https://api.us.transcend.ioPull to specific file location
transcend consent build-xdi-sync-endpoint \
--auth="$TRANSCEND_API_KEY" \
--xdiLocation=https://cdn.your-site.com/xdi.js \
--file=./my-folder/sync-endpoint.htmlDon't filter out regular expressions
transcend consent build-xdi-sync-endpoint \
--auth="$TRANSCEND_API_KEY" \
--xdiLocation=https://cdn.your-site.com/xdi.js \
--removeIpAddresses=falseFilter out certain domains that should not be included in the sync endpoint definition
transcend consent build-xdi-sync-endpoint \
--auth="$TRANSCEND_API_KEY" \
--xdiLocation=https://cdn.your-site.com/xdi.js \
--domainBlockList=ignored.com,localhostOverride XDI allowed commands
transcend consent build-xdi-sync-endpoint \
--auth="$TRANSCEND_API_KEY" \
--xdiLocation=https://cdn.your-site.com/xdi.js \
--xdiAllowedCommands=ExtractIdentifiers:SimpleConfiguring across multiple Transcend Instances
# Pull down API keys across all Transcend instances
transcend admin generate-api-keys \
--email="$TRANSCEND_EMAIL" \
--password="$TRANSCEND_PASSWORD" \
--transcendUrl=https://api.us.transcend.io \
--scopes="View Consent Manager" \
--apiKeyTitle="[cli][$TRANSCEND_EMAIL] XDI Endpoint Construction" \
--file=./api-keys.json \
--parentOrganizationId=1821d872-6114-406e-90c3-73b4d5e246cf
# Path list of API keys as authentication
transcend consent build-xdi-sync-endpoint \
--auth=./api-keys.json \
--xdiLocation=https://cdn.your-site.com/xdi.js \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend consent pull-consent-metrics (--auth value) (--start value) [--end value] [--folder value] [--bin value] [--transcendUrl value]
transcend consent pull-consent-metrics --help
This command allows for pulling consent manager metrics for a Transcend account, or a set of Transcend accounts.
By default, the consent metrics will be written to a folder named `consent-metrics` within the directory where you run the command. You can override the location that these CSVs are written to using the flag `--folder=./my-folder/`. This folder will contain a set of CSV files:
- `CONSENT_CHANGES_TIMESERIES_optIn.csv` -> this is a feed containing the number of explicit opt in events that happen - these are calls to `airgap.setConsent(event, { SaleOfInfo: true });`
- `CONSENT_CHANGES_TIMESERIES_optOut.csv` -> this is a feed containing the number of explicit opt out events that happen - these are calls to `airgap.setConsent(event, { SaleOfInfo: false });`
- `CONSENT_SESSIONS_BY_REGIME_Default.csv` -> this contains the number of sessions detected for the bin period
- `PRIVACY_SIGNAL_TIMESERIES_DNT.csv` -> the number of DNT signals detected.
- `PRIVACY_SIGNAL_TIMESERIES_GPC.csv` -> the number of GPC signals detected.
FLAGS
--auth The Transcend API key. Requires scopes: "View Consent Manager"
--start The start date to pull metrics from
[--end] The end date to pull metrics until
[--folder] The folder to save metrics to [default = ./consent-metrics/]
[--bin] The bin metric when pulling data (1h or 1d) [default = 1d]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitPull consent manager metrics for a Transcend account
transcend consent pull-consent-metrics --auth="$TRANSCEND_API_KEY" --start=2024-01-01T00:00:00.000ZSpecifying the backend URL, needed for US hosted backend infrastructure
transcend consent pull-consent-metrics \
--auth="$TRANSCEND_API_KEY" \
--start=2024-01-01T00:00:00.000Z \
--transcendUrl=https://api.us.transcend.ioPull start and end date explicitly
transcend consent pull-consent-metrics \
--auth="$TRANSCEND_API_KEY" \
--start=2024-01-01T00:00:00.000Z \
--end=2024-03-01T00:00:00.000ZSave to an explicit folder
transcend consent pull-consent-metrics \
--auth="$TRANSCEND_API_KEY" \
--start=2024-01-01T00:00:00.000Z \
--end=2024-03-01T00:00:00.000Z \
--folder=./my-folder/Bin data hourly vs daily
transcend consent pull-consent-metrics --auth="$TRANSCEND_API_KEY" --start=2024-01-01T00:00:00.000Z --bin=1hUSAGE
transcend consent pull-consent-preferences (--auth value) (--partition value) [--sombraAuth value] [--file value] [--transcendUrl value] [--timestampBefore value] [--timestampAfter value] [--identifiers value]... [--concurrency value]
transcend consent pull-consent-preferences --help
This command allows for pull of consent preferences from the Managed Consent Database.
FLAGS
--auth The Transcend API key. Requires scopes: "View Managed Consent Database Admin API"
--partition The partition key to download consent preferences to
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--file] Path to the CSV file to save preferences to [default = ./preferences.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--timestampBefore] Filter for consents updated this time
[--timestampAfter] Filter for consents updated after this time
[--identifiers]... Filter for specific identifiers [separator = ,]
[--concurrency] The concurrency to use when downloading consents in parallel [default = 100]
-h --help Print help information and exitFetch all consent preferences from partition key
transcend consent pull-consent-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726Fetch all consent preferences from partition key and save to ./consent.csv
transcend consent pull-consent-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--file=./consent.csvFilter on consent updates before a date
transcend consent pull-consent-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--timestampBefore=2024-04-03T00:00:00.000ZFilter on consent updates after a date
transcend consent pull-consent-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--timestampAfter=2024-04-03T00:00:00.000ZFor self-hosted sombras that use an internal key
transcend consent pull-consent-preferences \
--auth="$TRANSCEND_API_KEY" \
--sombraAuth="$SOMBRA_INTERNAL_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726Specifying the backend URL, needed for US hosted backend infrastructure
transcend consent pull-consent-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend consent update-consent-manager (--auth value) (--bundleTypes PRODUCTION|TEST) [--deploy] [--transcendUrl value]
transcend consent update-consent-manager --help
This command allows for updating Consent Manager to latest version. The Consent Manager bundle can also be deployed using this command.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Consent Manager Developer Settings"
--bundleTypes The bundle types to deploy. Defaults to PRODUCTION,TEST. [PRODUCTION|TEST, separator = ,]
[--deploy] When true, deploy the Consent Manager after updating the version [default = false]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitUpdate Consent Manager to latest version
transcend consent update-consent-manager --auth="$TRANSCEND_API_KEY"Specifying the backend URL, needed for US hosted backend infrastructure
transcend consent update-consent-manager --auth="$TRANSCEND_API_KEY" --transcendUrl=https://api.us.transcend.ioUpdate version and deploy bundles
transcend consent update-consent-manager --auth="$TRANSCEND_API_KEY" --deployUpdate just the TEST bundle
transcend consent update-consent-manager --auth="$TRANSCEND_API_KEY" --bundleTypes=TESTUpdate just the PRODUCTION bundle
transcend consent update-consent-manager --auth="$TRANSCEND_API_KEY" --bundleTypes=PRODUCTIONUpdate multiple organizations at once
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="Manage Consent Manager" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./transcend-api-keys.json
transcend consent update-consent-manager --auth=./transcend-api-keys.json --deployUSAGE
transcend consent upload-consent-preferences (--base64EncryptionKey value) (--base64SigningKey value) (--partition value) [--file value] [--consentUrl value] [--concurrency value]
transcend consent upload-consent-preferences --help
This command allows for updating of consent preferences to the Managed Consent Database.
FLAGS
--base64EncryptionKey The encryption key used to encrypt the userId
--base64SigningKey The signing key used to prove authentication of consent request
--partition The partition key to download consent preferences to
[--file] The file to pull consent preferences from [default = ./preferences.csv]
[--consentUrl] URL of the Transcend consent backend. Use https://consent.us.transcend.io for US hosting [default = https://consent.transcend.io]
[--concurrency] The concurrency to use when uploading requests in parallel [default = 100]
-h --help Print help information and exitUpload consent preferences to partition key
transcend consent upload-consent-preferences \
--base64EncryptionKey="$TRANSCEND_CONSENT_ENCRYPTION_KEY" \
--base64SigningKey="$TRANSCEND_CONSENT_SIGNING_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726Upload consent preferences to partition key from file
transcend consent upload-consent-preferences \
--base64EncryptionKey="$TRANSCEND_CONSENT_ENCRYPTION_KEY" \
--base64SigningKey="$TRANSCEND_CONSENT_SIGNING_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--file=./consent.csvUpload consent preferences to partition key and set concurrency
transcend consent upload-consent-preferences \
--base64EncryptionKey="$TRANSCEND_CONSENT_ENCRYPTION_KEY" \
--base64SigningKey="$TRANSCEND_CONSENT_SIGNING_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--concurrency=200USAGE
transcend consent upload-cookies-from-csv (--auth value) (--trackerStatus LIVE|NEEDS_REVIEW) [--file value] [--transcendUrl value]
transcend consent upload-cookies-from-csv --help
Upload cookies from CSV. This command allows for uploading of cookies from CSV.
Step 1) Download the CSV of cookies that you want to edit from the Admin Dashboard under [Consent Management -> Cookies](https://app.transcend.io/consent-manager/cookies). You can download cookies from both the "Triage" and "Approved" tabs.
Step 2) You can edit the contents of the CSV file as needed. You may adjust the "Purpose" column, adjust the "Notes" column, add "Owners" and "Teams" or even add custom columns with additional metadata.
Step 3) Upload the modified CSV file back into the dashboard with this command.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Data Flows"
--trackerStatus The status of the cookies you will upload. [LIVE|NEEDS_REVIEW]
[--file] Path to the CSV file to upload [default = ./cookies.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitUpload the file of cookies in ./cookies.csv into the "Approved" tab
transcend consent upload-cookies-from-csv --auth="$TRANSCEND_API_KEY" --trackerStatus=LIVEUpload the file of cookies in ./cookies.csv into the "Triage" tab
transcend consent upload-cookies-from-csv --auth="$TRANSCEND_API_KEY" --trackerStatus=NEEDS_REVIEWSpecifying the CSV file to read from
transcend consent upload-cookies-from-csv \
--auth="$TRANSCEND_API_KEY" \
--trackerStatus=LIVE \
--file=./custom/my-cookies.csvSpecifying the backend URL, needed for US hosted backend infrastructure
transcend consent upload-cookies-from-csv \
--auth="$TRANSCEND_API_KEY" \
--trackerStatus=LIVE \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend consent upload-data-flows-from-csv (--auth value) (--trackerStatus LIVE|NEEDS_REVIEW) [--file value] [--classifyService] [--transcendUrl value]
transcend consent upload-data-flows-from-csv --help
Upload data flows from CSV. This command allows for uploading of data flows from CSV.
Step 1) Download the CSV of data flows that you want to edit from the Admin Dashboard under [Consent Management -> Data Flows](https://app.transcend.io/consent-manager/data-flows). You can download data flows from both the "Triage" and "Approved" tabs.
Step 2) You can edit the contents of the CSV file as needed. You may adjust the "Purpose" column, adjust the "Notes" column, add "Owners" and "Teams" or even add custom columns with additional metadata.
Step 3) Upload the modified CSV file back into the dashboard with this command.
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Data Flows"
--trackerStatus The status of the data flows you will upload. [LIVE|NEEDS_REVIEW]
[--file] Path to the CSV file to upload [default = ./data-flows.csv]
[--classifyService] When true, automatically assign the service for a data flow based on the domain that is specified [default = false]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitTo get a CSV of data flows, you can download the data flows from the Admin Dashboard under Consent Management -> Data Flows. You can download data flows from both the "Triage" and "Approved" tabs.
Upload the file of data flows in ./data-flows.csv into the "Approved" tab
transcend consent upload-data-flows-from-csv --auth="$TRANSCEND_API_KEY" --trackerStatus=LIVEUpload the file of data flows in ./data-flows.csv into the "Triage" tab
transcend consent upload-data-flows-from-csv --auth="$TRANSCEND_API_KEY" --trackerStatus=NEEDS_REVIEWSpecifying the CSV file to read from
transcend consent upload-data-flows-from-csv \
--auth="$TRANSCEND_API_KEY" \
--trackerStatus=LIVE \
--file=./custom/my-data-flows.csvHave Transcend automatically fill in the service names by looking up the data flow host in Transcend's database
transcend consent upload-data-flows-from-csv --auth="$TRANSCEND_API_KEY" --trackerStatus=LIVE --classifyServiceSpecifying the backend URL, needed for US hosted backend infrastructure
transcend consent upload-data-flows-from-csv \
--auth="$TRANSCEND_API_KEY" \
--trackerStatus=LIVE \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend consent upload-preferences (--auth value) (--partition value) [--sombraAuth value] [--transcendUrl value] [--file value] [--directory value] [--dryRun] [--skipExistingRecordCheck] [--receiptFileDir value] [--skipWorkflowTriggers] [--forceTriggerWorkflows] [--skipConflictUpdates] [--isSilent] [--attributes value] [--receiptFilepath value] [--concurrency value]
transcend consent upload-preferences --help
Upload preference management data to your Preference Store.
This command prompts you to map the shape of the CSV to the shape of the Transcend API. There is no requirement for the shape of the incoming CSV, as the script will handle the mapping process.
The script will also produce a JSON cache file that allows for the mappings to be preserved between runs.
FLAGS
--auth The Transcend API key. Requires scopes: "Modify User Stored Preferences", "View Managed Consent Database Admin API", "View Preference Store Settings"
--partition The partition key to download consent preferences to
[--sombraAuth] The Sombra internal key, use for additional authentication when self-hosting Sombra
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--file] Path to the CSV file to load preferences from
[--directory] Path to the directory of CSV files to load preferences from
[--dryRun] Whether to do a dry run only - will write results to receiptFilepath without updating Transcend [default = false]
[--skipExistingRecordCheck] Whether to skip the check for existing records. SHOULD ONLY BE USED FOR INITIAL UPLOAD [default = false]
[--receiptFileDir] Directory path where the response receipts should be saved [default = ./receipts]
[--skipWorkflowTriggers] Whether to skip workflow triggers when uploading to preference store [default = false]
[--forceTriggerWorkflows] Whether to force trigger workflows for existing consent records [default = false]
[--skipConflictUpdates] Whether to skip uploading of any records where the preference store and file have a hard conflict [default = false]
[--isSilent/--noIsSilent] Whether to skip sending emails in workflows [default = true]
[--attributes] Attributes to add to any DSR request if created. Comma-separated list of key:value pairs. [default = Tags:transcend-cli,Source:transcend-cli]
[--receiptFilepath] Store resulting, continuing where left off [default = ./preference-management-upload-receipts.json]
[--concurrency] The concurrency to use when uploading in parallel [default = 10]
-h --help Print help information and exitA sample CSV can be found here. In this example, Sales and Marketing are two custom Purposes, and SalesCommunications and MarketingCommunications are Preference Topics. During the interactive CLI prompt, you can map these columns to the slugs stored in Transcend!
Upload consent preferences to partition key 4d1c5daa-90b7-4d18-aa40-f86a43d2c726
transcend consent upload-preferences \
--auth="$TRANSCEND_API_KEY" \
--file=./preferences.csv \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726Upload consent preferences with additional options
transcend consent upload-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--file=./preferences.csv \
--dryRun \
--skipWorkflowTriggers \
--skipConflictUpdates \
--isSilent=false \
--attributes=Tags:transcend-cli,Source:transcend-cli \
--receiptFilepath=./preference-management-upload-receipts.jsonSpecifying the backend URL, needed for US hosted backend infrastructure
transcend consent upload-preferences \
--auth="$TRANSCEND_API_KEY" \
--partition=4d1c5daa-90b7-4d18-aa40-f86a43d2c726 \
--file=./preferences.csv \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend inventory pull (--auth value) [--resources all|apiKeys|customFields|templates|dataSilos|enrichers|dataFlows|businessEntities|processingActivities|actions|dataSubjects|identifiers|cookies|consentManager|partitions|prompts|promptPartials|promptGroups|agents|agentFunctions|agentFiles|vendors|dataCategories|processingPurposes|actionItems|actionItemCollections|teams|privacyCenters|policies|messages|assessments|assessmentTemplates|purposes] [--file value] [--transcendUrl value] [--dataSiloIds value]... [--integrationNames value]... [--trackerStatuses LIVE|NEEDS_REVIEW] [--pageSize value] [--skipDatapoints] [--skipSubDatapoints] [--includeGuessedCategories] [--debug]
transcend inventory pull --help
Generates a transcend.yml by pulling the configuration from your Transcend instance.
The API key needs various scopes depending on the resources being pulled (see the CLI's README for more details).
This command can be helpful if you are looking to:
- Copy your data into another instance
- Generate a transcend.yml file as a starting point to maintain parts of your data inventory in code.
FLAGS
--auth The Transcend API key. The scopes required will vary depending on the operation performed. If in doubt, the Full Admin scope will always work.
[--resources] The different resource types to pull in. Defaults to dataSilos,enrichers,templates,apiKeys. [all|apiKeys|customFields|templates|dataSilos|enrichers|dataFlows|businessEntities|processingActivities|actions|dataSubjects|identifiers|cookies|consentManager|partitions|prompts|promptPartials|promptGroups|agents|agentFunctions|agentFiles|vendors|dataCategories|processingPurposes|actionItems|actionItemCollections|teams|privacyCenters|policies|messages|assessments|assessmentTemplates|purposes, separator = ,]
[--file] Path to the YAML file to pull into [default = ./transcend.yml]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--dataSiloIds]... The UUIDs of the data silos that should be pulled into the YAML file [separator = ,]
[--integrationNames]... The types of integrations to pull down [separator = ,]
[--trackerStatuses] The statuses of consent manager trackers to pull down. Defaults to all statuses. [LIVE|NEEDS_REVIEW, separator = ,]
[--pageSize] The page size to use when paginating over the API [default = 50]
[--skipDatapoints] When true, skip pulling in datapoints alongside data silo resource [default = false]
[--skipSubDatapoints] When true, skip pulling in subDatapoints alongside data silo resource [default = false]
[--includeGuessedCategories] When true, included guessed data categories that came from the content classifier [default = false]
[--debug] Set to true to include debug logs while pulling the configuration [default = false]
-h --help Print help information and exitThe API key permissions for this command vary based on the resources argument:
| Resource | Key in transcend.yml |
Description | Scopes | Link |
|---|---|---|---|---|
apiKeys |
api-keys |
API Key definitions assigned to Data Systems (formerly "Data Silos"). API keys cannot be created through the CLI, but you can map API key usage to Data Systems. | View API Keys | Developer Tools -> API keys |
customFields |
attributes |
Custom Field definitions that define extra metadata for each table in the Admin Dashboard. | View Global Attributes | Custom Fields |
templates |
templates |
Email templates. Only template titles can be created and mapped to other resources. | View Email Templates | DSR Automation -> Email Settings -> Templates |
dataSilos |
data-silos |
The Data System (formerly "Data Silo") definitions. | View Data Map, View Data Subject Request Settings | Data Inventory -> Data Systems Infrastructure -> Integrations |
enrichers |
enrichers |
The Privacy Request enricher configurations. | View Identity Verification Settings | DSR Automation -> Identifiers |
dataFlows |
data-flows |
Consent Manager Data Flow definitions. | View Data Flows | Consent Management -> Data Flows |
businessEntities |
business-entities |
The business entities in the Data Inventory. | View Data Inventory | Data Inventory -> Business Entities |
processingActivities |
processing-activities |
The processing activities in the Data Inventory. | View Data Inventory | Data Inventory -> Processing Activities |
actions |
actions |
The privacy request action settings. | View Data Subject Request Settings | DSR Automation -> Request Settings -> Data Actions |
dataSubjects |
data-subjects |
The privacy request data subject settings. | View Data Subject Request Settings | DSR Automation -> Request Settings -> Data Subjects |
identifiers |
identifiers |
The privacy request identifier configurations. | View Identity Verification Settings | DSR Automation -> Identifiers |
cookies |
cookies |
Consent Manager Cookie definitions. | View Data Flows | Consent Management -> Cookies |
consentManager |
consent-manager |
Consent Manager general settings, including domain list. | View Consent Manager | Consent Management -> Developer Settings |
partitions |
partitions |
The partitions in the account (often representative of separate data controllers). | View Consent Manager | Consent Management -> Developer Settings -> Advanced Settings |
prompts |
prompts |
The Transcend AI prompts | View Prompts | Prompt Manager -> Browse |
promptPartials |
prompt-partials |
The Transcend AI prompt partials | View Prompts | Prompt Manager -> Partials |
promptGroups |
prompt-groups |
The Transcend AI prompt groups | View Prompts | Prompt Manager -> Groups |
agents |
agents |
The agents in Pathfinder. | View Pathfinder | Pathfinder -> Agents |
agentFunctions |
agent-functions |
The agent functions in Pathfinder. | View Pathfinder | Pathfinder -> Agent Functions |
agentFiles |
agent-files |
The agent files in Pathfinder. | View Pathfinder | Pathfinder -> Agent Files |
vendors |
vendors |
The vendors in the Data Inventory. | View Data Inventory | Data Inventory -> Vendors |
dataCategories |
data-categories |
The data categories in the Data Inventory. | View Data Inventory | Data Inventory -> Data Categories |
processingPurposes |
processing-purposes |
The processing purposes in the Data Inventory. | View Data Inventory | Data Inventory -> Processing Purposes |
actionItems |
action-items |
Onboarding-related action items | View All Action Items | Action Items |
actionItemCollections |
action-item-collections |
Onboarding-related action item group names | View All Action Items | Action Items |
teams |
teams |
Team definitions of users and scope groupings | View Scopes | Administration -> Teams |
privacyCenters |
privacy-center |
The Privacy Center settings. | View Privacy Center Layout | Privacy Center |
policies |
policies |
The Privacy Center policies. | View Policies | Privacy Center -> Policies |
messages |
messages |
Message definitions used across Consent Management, the Privacy Center, email templates and more. | View Internationalization Messages | Privacy Center -> Messages & Internationalization Consent Management -> Display Settings -> Messages |
assessments |
assessments |
Assessment responses. | View Assessments | Assessments -> Assessments |
assessmentTemplates |
assessment-templates |
Assessment template configurations. | View Assessments | Assessment -> Templates |
purposes |
purposes |
Consent purposes and related preference management topics. | View Consent Manager, View Preference Store Settings | Consent Management -> Regional Experiences -> Purposes |
Write out file to ./transcend.yml
transcend inventory pull --auth="$TRANSCEND_API_KEY"Write out file to custom location
transcend inventory pull --auth="$TRANSCEND_API_KEY" --file=./custom/location.ymlPull specific data silo by ID
transcend inventory pull --auth="$TRANSCEND_API_KEY" --dataSiloIds=710fec3c-7bcc-4c9e-baff-bf39f9bec43ePull specific types of data silos
transcend inventory pull --auth="$TRANSCEND_API_KEY" --integrationNames=salesforce,snowflakePull specific resource types
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=apiKeys,templates,dataSilos,enrichersPull data flows and cookies with specific tracker statuses (see this example)
transcend inventory pull \
--auth="$TRANSCEND_API_KEY" \
--resources=dataFlows,cookies \
--trackerStatuses=NEEDS_REVIEW,LIVEPull data silos without datapoint information
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=dataSilos --skipDatapointsPull data silos without subdatapoint information
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=dataSilos --skipSubDatapointsPull data silos with guessed categories
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=dataSilos --includeGuessedCategoriesPull custom field definitions only (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=customFieldsPull business entities only (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=businessEntitiesPull processing activities only (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=processingActivitiesPull enrichers and identifiers (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=enrichers,identifiersPull onboarding action items (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=actionItems,actionItemCollectionsPull consent manager domain list (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=consentManagerPull identifier configurations (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=identifiersPull request actions configurations (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=actionsPull consent manager purposes and preference management topics (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=purposesPull data subject configurations (see this example)
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=dataSubjectsPull assessments and assessment templates
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=assessments,assessmentTemplatesPull everything
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=allPull configuration files across multiple instances
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Consent Manager" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./transcend-api-keys.json
transcend inventory pull --auth=./transcend-api-keys.json --resources=consentManager --file=./transcend/Note: This command will overwrite the existing transcend.yml file that you have locally.
USAGE
transcend inventory push (--auth value) [--file value] [--transcendUrl value] [--pageSize value] [--variables value] [--publishToPrivacyCenter] [--classifyService] [--deleteExtraAttributeValues]
transcend inventory push --help
Given a transcend.yml file, sync the contents up to your Transcend instance.
FLAGS
--auth The Transcend API key. The scopes required will vary depending on the operation performed. If in doubt, the Full Admin scope will always work.
[--file] Path to the YAML file to push from [default = ./transcend.yml]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--pageSize] The page size to use when paginating over the API [default = 50]
[--variables] The variables to template into the YAML file when pushing configuration. Comma-separated list of key:value pairs. [default = ""]
[--publishToPrivacyCenter] When true, publish the configuration to the Privacy Center [default = false]
[--classifyService] When true, automatically assign the service for a data flow based on the domain that is specified [default = false]
[--deleteExtraAttributeValues] When true and syncing attributes, delete any extra attributes instead of just upserting [default = false]
-h --help Print help information and exitThe API key permissions for this command vary based on the resources declared as top-level keys in your transcend.yml file:
| Resource | Key in transcend.yml |
Description | Scopes | Link |
|---|---|---|---|---|
apiKeys |
api-keys |
API Key definitions assigned to Data Systems (formerly "Data Silos"). API keys cannot be created through the CLI, but you can map API key usage to Data Systems. | View API Keys | Developer Tools -> API keys |
customFields |
attributes |
Custom Field definitions that define extra metadata for each table in the Admin Dashboard. | Manage Global Attributes | Custom Fields |
templates |
templates |
Email templates. Only template titles can be created and mapped to other resources. | Manage Email Templates | DSR Automation -> Email Settings -> Templates |
dataSilos |
data-silos |
The Data System (formerly "Data Silo") definitions. | Manage Data Map, Connect Data Silos | Data Inventory -> Data Systems Infrastructure -> Integrations |
enrichers |
enrichers |
The Privacy Request enricher configurations. | Manage Request Identity Verification | DSR Automation -> Identifiers |
dataFlows |
data-flows |
Consent Manager Data Flow definitions. | Manage Data Flows | Consent Management -> Data Flows |
businessEntities |
business-entities |
The business entities in the Data Inventory. | Manage Data Inventory | Data Inventory -> Business Entities |
processingActivities |
processing-activities |
The processing activities in the Data Inventory. | Manage Data Map | Data Inventory -> Processing Activities |
actions |
actions |
The privacy request action settings. | Manage Data Subject Request Settings | DSR Automation -> Request Settings -> Data Actions |
dataSubjects |
data-subjects |
The privacy request data subject settings. | Manage Data Subject Request Settings | DSR Automation -> Request Settings -> Data Subjects |
identifiers |
identifiers |
The privacy request identifier configurations. | Manage Request Identity Verification | DSR Automation -> Identifiers |
cookies |
cookies |
Consent Manager Cookie definitions. | Manage Data Flows | Consent Management -> Cookies |
consentManager |
consent-manager |
Consent Manager general settings, including domain list. | Manage Consent Manager Developer Settings | Consent Management -> Developer Settings |
partitions |
partitions |
The partitions in the account (often representative of separate data controllers). | Manage Consent Manager Developer Settings | Consent Management -> Developer Settings -> Advanced Settings |
prompts |
prompts |
The Transcend AI prompts | Manage Prompts | Prompt Manager -> Browse |
promptPartials |
prompt-partials |
The Transcend AI prompt partials | Manage Prompts | Prompt Manager -> Partials |
promptGroups |
prompt-groups |
The Transcend AI prompt groups | Manage Prompts | Prompt Manager -> Groups |
agents |
agents |
The agents in Pathfinder. | Manage Pathfinder | Pathfinder -> Agents |
agentFunctions |
agent-functions |
The agent functions in Pathfinder. | Manage Pathfinder | Pathfinder -> Agent Functions |
agentFiles |
agent-files |
The agent files in Pathfinder. | Manage Pathfinder | Pathfinder -> Agent Files |
vendors |
vendors |
The vendors in the Data Inventory. | Manage Data Inventory | Data Inventory -> Vendors |
dataCategories |
data-categories |
The data categories in the Data Inventory. | Manage Data Inventory | Data Inventory -> Data Categories |
processingPurposes |
processing-purposes |
The processing purposes in the Data Inventory. | Manage Data Inventory | Data Inventory -> Processing Purposes |
actionItems |
action-items |
Onboarding-related action items | Manage All Action Items, View Global Attributes | Action Items |
actionItemCollections |
action-item-collections |
Onboarding-related action item group names | Manage Action Item Collections | Action Items |
teams |
teams |
Team definitions of users and scope groupings | Manage Access Controls | Administration -> Teams |
privacyCenters |
privacy-center |
The Privacy Center settings. | Manage Privacy Center Layout | Privacy Center |
policies |
policies |
The Privacy Center policies. | Manage Policies | Privacy Center -> Policies |
messages |
messages |
Message definitions used across Consent Management, the Privacy Center, email templates and more. | Manage Internationalization Messages | Privacy Center -> Messages & Internationalization Consent Management -> Display Settings -> Messages |
assessments |
assessments |
Assessment responses. | Manage Assessments | Assessments -> Assessments |
assessmentTemplates |
assessment-templates |
Assessment template configurations. | Manage Assessments | Assessment -> Templates |
purposes |
purposes |
Consent purposes and related preference management topics. | Manage Consent Manager, Manage Preference Store Settings | Consent Management -> Regional Experiences -> Purposes |
Looks for file at ./transcend.yml
transcend inventory push --auth="$TRANSCEND_API_KEY"Looks for file at custom location ./custom/location.yml
transcend inventory push --auth="$TRANSCEND_API_KEY" --file=./custom/location.ymlApply service classifier to all data flows
transcend inventory push --auth="$TRANSCEND_API_KEY" --classifyServicePush up attributes, deleting any attributes that are not specified in the transcend.yml file
transcend inventory push --auth="$TRANSCEND_API_KEY" --deleteExtraAttributeValuesUse dynamic variables to fill out parameters in YAML files (see ./examples/multi-instance.yml)
transcend inventory push --auth="$TRANSCEND_API_KEY" --variables=domain:acme.com,stage:stagingPush a single .yml file configuration into multiple Transcend instances
This uses the output of transcend admin generate-api-keys.
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./transcend-api-keys.json
transcend inventory pull --auth="$TRANSCEND_API_KEY"
transcend inventory push --auth=./transcend-api-keys.jsonPush multiple .yml file configurations into multiple Transcend instances
This uses the output of transcend admin generate-api-keys.
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./transcend-api-keys.json
transcend inventory pull --auth=./transcend-api-keys.json --file=./transcend/
# <edit .yml files in folder in between these steps>
transcend inventory push --auth=./transcend-api-keys.json --file=./transcend/Apply service classifier to all data flows
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=dataFlows
transcend inventory push --auth="$TRANSCEND_API_KEY" --classifyServicePush up attributes, deleting any attributes that are not specified in the transcend.yml file
transcend inventory pull --auth="$TRANSCEND_API_KEY" --resources=customFields
transcend inventory push --auth="$TRANSCEND_API_KEY" --deleteExtraAttributeValuesSome things to note about this sync process:
- Any field that is defined in your .yml file will be synced up to app.transcend.io. If any change was made on the Admin Dashboard, it will be overwritten.
- If you omit a field from the .yml file, this field will not be synced. This gives you the ability to define as much or as little configuration in your transcend.yml file as you would like, and let the remainder of fields be labeled through the Admin Dashboard
- If you define new data subjects, identifiers, data silos or datapoints that were not previously defined on the Admin Dashboard, the CLI will create these new resources automatically.
- Currently, this CLI does not handle deleting or renaming of resources. If you need to delete or rename a data silo, identifier, enricher or API key, you should make the change on the Admin Dashboard.
- The only resources that this CLI will not auto-generate are:
- a) Data silo owners: If you assign an email address to a data silo, you must first make sure that user is invited into your Transcend instance (https://app.transcend.io/admin/users).
- b) API keys: This CLI will not create new API keys. You will need to first create the new API keys on the Admin Dashboard (https://app.transcend.io/infrastructure/api-keys). You can then list out the titles of the API keys that you generated in your transcend.yml file, after which the CLI is capable of updating that API key to be able to respond to different data silos in your Data Map
Once you have a workflow for creating your transcend.yml file, you will want to integrate your transcend inventory push command on your CI.
Below is an example of how to set this up using a Github action:
name: Transcend Data Map Syncing
# See https://app.transcend.io/privacy-requests/connected-services
on:
push:
branches:
- 'main'
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup Node.js
uses: actions/setup-node@v2
with:
node-version: '16'
- name: Install Transcend CLI
run: npm install --global @transcend-io/cli
# If you have a script that generates your transcend.yml file from
# an ORM or infrastructure configuration, add that step here
# Leave this step commented out if you want to manage your transcend.yml manually
# - name: Generate transcend.yml
# run: ./scripts/generate_transcend_yml.py
- name: Push Transcend config
run: transcend inventory push --auth=${{ secrets.TRANSCEND_API_KEY }}If you are using this CLI to sync your Data Map between multiple Transcend instances, you may find the need to make minor modifications to your configurations between environments. The most notable difference would be the domain where your webhook URLs are hosted on.
The transcend inventory push command takes in a parameter variables. This is a CSV of key:value pairs.
This command could fill out multiple parameters in a YAML file like ./examples/multi-instance.yml, copied below:
api-keys:
- title: Webhook Key
enrichers:
- title: Basic Identity Enrichment
description: Enrich an email address to the userId and phone number
# The data silo webhook URL is the same in each environment,
# except for the base domain in the webhook URL.
url: https://example.<<parameters.domain>>/transcend-enrichment-webhook
input-identifier: email
output-identifiers:
- userId
- phone
- myUniqueIdentifier
- title: Fraud Check
description: Ensure the email address is not marked as fraudulent
url: https://example.<<parameters.domain>>/transcend-fraud-check
input-identifier: email
output-identifiers:
- email
privacy-actions:
- ERASURE
data-silos:
- title: Redshift Data Warehouse
integrationName: server
description: The mega-warehouse that contains a copy over all SQL backed databases - <<parameters.stage>>
url: https://example.<<parameters.domain>>/transcend-webhook
api-key-title: Webhook KeyUSAGE
transcend inventory scan-packages (--auth value) [--scanPath value] [--ignoreDirs value]... [--repositoryName value] [--transcendUrl value]
transcend inventory scan-packages --help
Transcend scans packages and dependencies for the following frameworks:
- package.json
- requirements.txt & setup.py
- Podfile
- Package.resolved
- build.gradle
- pubspec.yaml
- Gemfile & .gemspec
- composer.json
This command will scan the folder you point at to look for any of these files. Once found, the build file will be parsed in search of dependencies. Those code packages and dependencies will be uploaded to Transcend. The information uploaded to Transcend is:
- repository name
- package names
- dependency names and versions
- package descriptions
FLAGS
--auth The Transcend API key. Requires scopes: "Manage Code Scanning"
[--scanPath] File path in the project to scan [default = ./]
[--ignoreDirs]... List of directories to ignore in scan [separator = ,]
[--repositoryName] Name of the git repository that the package should be tied to
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitScan the current directory
transcend inventory scan-packages --auth="$TRANSCEND_API_KEY"Scan a specific directory
transcend inventory scan-packages --auth="$TRANSCEND_API_KEY" --scanPath=./examples/Ignore certain folders
transcend inventory scan-packages --auth="$TRANSCEND_API_KEY" --ignoreDirs=./test,./buildSpecify the name of the repository
transcend inventory scan-packages --auth="$TRANSCEND_API_KEY" --repositoryName=transcend-io/testUSAGE
transcend inventory discover-silos (--scanPath value) (--dataSiloId value) (--auth value) [--fileGlobs value] [--ignoreDirs value] [--transcendUrl value]
transcend inventory discover-silos --help
We support scanning for new data silos in JavaScript, Python, Gradle, and CocoaPods projects.
To get started, add a data silo for the corresponding project type with the "silo discovery" plugin enabled. For example, if you want to scan a JavaScript project, add a package.json data silo. Then, specify the data silo ID in the "--dataSiloId" parameter.
FLAGS
--scanPath File path in the project to scan
--dataSiloId The UUID of the corresponding data silo
--auth The Transcend API key. This key must be associated with the data silo(s) being operated on. Requires scopes: "Manage Assigned Data Inventory"
[--fileGlobs] You can pass a glob syntax pattern(s) to specify additional file paths to scan. Comma-separated list of globs. [default = ""]
[--ignoreDirs] Comma-separated list of directories to ignore. [default = ""]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitScan a JavaScript package.json
transcend inventory discover-silos \
--scanPath=./myJavascriptProject \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=445ee241-5f2a-477b-9948-2a3682a43d0eScan multiple file types (Podfile, Gradle, etc.) in examples directory
transcend inventory discover-silos \
--scanPath=./examples/ \
--auth="$TRANSCEND_API_KEY" \
--dataSiloId=b6776589-0b7d-466f-8aad-4378ffd3a321This call will look for all the package.json files in the scan path ./myJavascriptProject, parse each of the dependencies into their individual package names, and send it to our Transcend backend for classification. These classifications can then be viewed here. The process is the same for scanning requirements.txt, podfiles and build.gradle files.
Here are some examples of a Podfile and Gradle file.
USAGE
transcend inventory pull-datapoints (--auth value) [--file value] [--transcendUrl value] [--dataSiloIds value]... [--includeAttributes] [--includeGuessedCategories] [--parentCategories FINANCIAL|HEALTH|CONTACT|LOCATION|DEMOGRAPHIC|ID|ONLINE_ACTIVITY|USER_PROFILE|SOCIAL_MEDIA|CONNECTION|TRACKING|DEVICE|SURVEY|OTHER|UNSPECIFIED|NOT_PERSONAL_DATA|INTEGRATION_IDENTIFIER] [--subCategories value]...
transcend inventory pull-datapoints --help
Export the datapoints from your Data Inventory into a CSV.
FLAGS
--auth The Transcend API key. Requires scopes: "View Data Inventory"
[--file] The file to save datapoints to [default = ./datapoints.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--dataSiloIds]... List of data silo IDs to filter by [separator = ,]
[--includeAttributes] Whether to include attributes in the output [default = false]
[--includeGuessedCategories] Whether to include guessed categories in the output [default = false]
[--parentCategories] List of parent categories to filter by [FINANCIAL|HEALTH|CONTACT|LOCATION|DEMOGRAPHIC|ID|ONLINE_ACTIVITY|USER_PROFILE|SOCIAL_MEDIA|CONNECTION|TRACKING|DEVICE|SURVEY|OTHER|UNSPECIFIED|NOT_PERSONAL_DATA|INTEGRATION_IDENTIFIER, separator = ,]
[--subCategories]... List of subcategories to filter by [separator = ,]
-h --help Print help information and exitAll arguments
transcend inventory pull-datapoints \
--auth="$TRANSCEND_API_KEY" \
--file=./datapoints.csv \
--includeGuessedCategories \
--parentCategories=CONTACT,ID,LOCATION \
--subCategories=79d998b7-45dd-481c-ae3a-856fd93458b2,9ecc213a-cd46-46d6-afd9-46cea713f5d1 \
--dataSiloIds=f956ccce-5534-4328-a78d-3a924b1fe429Pull datapoints for specific data silos
transcend inventory pull-datapoints \
--auth="$TRANSCEND_API_KEY" \
--file=./datapoints.csv \
--dataSiloIds=f956ccce-5534-4328-a78d-3a924b1fe429Include attributes in the output
transcend inventory pull-datapoints --auth="$TRANSCEND_API_KEY" --file=./datapoints.csv --includeAttributesInclude guessed categories in the output
transcend inventory pull-datapoints --auth="$TRANSCEND_API_KEY" --file=./datapoints.csv --includeGuessedCategoriesFilter by parent categories
transcend inventory pull-datapoints \
--auth="$TRANSCEND_API_KEY" \
--file=./datapoints.csv \
--parentCategories=ID,LOCATIONFilter by subcategories
transcend inventory pull-datapoints \
--auth="$TRANSCEND_API_KEY" \
--file=./datapoints.csv \
--subCategories=79d998b7-45dd-481c-ae3a-856fd93458b2,9ecc213a-cd46-46d6-afd9-46cea713f5d1Specify the backend URL, needed for US hosted backend infrastructure
transcend inventory pull-datapoints \
--auth="$TRANSCEND_API_KEY" \
--file=./datapoints.csv \
--transcendUrl=https://api.us.transcend.ioUSAGE
transcend inventory pull-unstructured-discovery-files (--auth value) [--file value] [--transcendUrl value] [--dataSiloIds value]... [--subCategories value]... [--status MANUALLY_ADDED|CORRECTED|VALIDATED|CLASSIFIED|REJECTED] [--includeEncryptedSnippets]
transcend inventory pull-unstructured-discovery-files --help
This command allows for pulling Unstructured Discovery into a CSV.
FLAGS
--auth The Transcend API key. Requires scopes: "View Data Inventory"
[--file] The file to save datapoints to [default = ./unstructured-discovery-files.csv]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--dataSiloIds]... List of data silo IDs to filter by [separator = ,]
[--subCategories]... List of data categories to filter by [separator = ,]
[--status] List of classification statuses to filter by [MANUALLY_ADDED|CORRECTED|VALIDATED|CLASSIFIED|REJECTED, separator = ,]
[--includeEncryptedSnippets] Whether to include encrypted snippets of the entries classified [default = false]
-h --help Print help information and exitAll arguments
transcend inventory pull-unstructured-discovery-files \
--auth="$TRANSCEND_API_KEY" \
--file=./unstructured-discovery-files.csv \
--transcendUrl=https://api.us.transcend.io \
--dataSiloIds=f956ccce-5534-4328-a78d-3a924b1fe429 \
--subCategories=79d998b7-45dd-481c-ae3a-856fd93458b2,9ecc213a-cd46-46d6-afd9-46cea713f5d1 \
--status=VALIDATED,MANUALLY_ADDED,CORRECTED \
--includeEncryptedSnippetsSpecify the backend URL, needed for US hosted backend infrastructure
transcend inventory pull-unstructured-discovery-files \
--auth="$TRANSCEND_API_KEY" \
--transcendUrl=https://api.us.transcend.ioPull entries for specific data silos
transcend inventory pull-unstructured-discovery-files \
--auth="$TRANSCEND_API_KEY" \
--dataSiloIds=f956ccce-5534-4328-a78d-3a924b1fe429Filter by data categories
transcend inventory pull-unstructured-discovery-files \
--auth="$TRANSCEND_API_KEY" \
--subCategories=79d998b7-45dd-481c-ae3a-856fd93458b2,9ecc213a-cd46-46d6-afd9-46cea713f5d1Filter by classification status (exclude unconfirmed recommendations)
transcend inventory pull-unstructured-discovery-files \
--auth="$TRANSCEND_API_KEY" \
--status=VALIDATED,MANUALLY_ADDED,CORRECTEDFilter by classification status (include rejected recommendations)
transcend inventory pull-unstructured-discovery-files --auth="$TRANSCEND_API_KEY" --status=REJECTEDUSAGE
transcend inventory derive-data-silos-from-data-flows (--auth value) (--dataFlowsYmlFolder value) (--dataSilosYmlFolder value) [--ignoreYmls value]... [--transcendUrl value]
transcend inventory derive-data-silos-from-data-flows --help
Given a folder of data flow transcend.yml configurations, convert those configurations to set of data silo transcend.yml configurations.
FLAGS
--auth The Transcend API key. No scopes are required for this command.
--dataFlowsYmlFolder The folder that contains data flow yml files
--dataSilosYmlFolder The folder that contains data silo yml files
[--ignoreYmls]... The set of yml files that should be skipped when uploading [separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitConvert data flow configurations in folder to data silo configurations in folder
transcend inventory derive-data-silos-from-data-flows \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/ \
--dataSilosYmlFolder=./working/data-silos/Use with US backend
transcend inventory derive-data-silos-from-data-flows \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/ \
--dataSilosYmlFolder=./working/data-silos/ \
--transcendUrl=https://api.us.transcend.ioSkip a set of yml files
transcend inventory derive-data-silos-from-data-flows \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/ \
--dataSilosYmlFolder=./working/data-silos/ \
--ignoreYmls=Skip.yml,Other.ymlUSAGE
transcend inventory derive-data-silos-from-data-flows-cross-instance (--auth value) (--dataFlowsYmlFolder value) [--output value] [--ignoreYmls value]... [--transcendUrl value]
transcend inventory derive-data-silos-from-data-flows-cross-instance --help
Given a folder of data flow transcend.yml configurations, convert those configurations to a single transcend.yml configurations of all related data silos.
FLAGS
--auth The Transcend API key. No scopes are required for this command.
--dataFlowsYmlFolder The folder that contains data flow yml files
[--output] The output transcend.yml file containing the data silo configurations [default = ./transcend.yml]
[--ignoreYmls]... The set of yml files that should be skipped when uploading [separator = ,]
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitConvert data flow configurations in folder to data silo configurations in file
transcend inventory derive-data-silos-from-data-flows-cross-instance \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/Use with US backend
transcend inventory derive-data-silos-from-data-flows-cross-instance \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/ \
--transcendUrl=https://api.us.transcend.ioSkip a set of yml files
transcend inventory derive-data-silos-from-data-flows-cross-instance \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/ \
--ignoreYmls=Skip.yml,Other.ymlConvert data flow configurations in folder to data silo configurations in file
transcend inventory derive-data-silos-from-data-flows-cross-instance \
--auth="$TRANSCEND_API_KEY" \
--dataFlowsYmlFolder=./working/data-flows/ \
--output=./output.ymlUSAGE
transcend inventory consent-manager-service-json-to-yml [--file value] [--output value]
transcend inventory consent-manager-service-json-to-yml --help
Import the services from an airgap.js file into a Transcend instance.
1. Run `await airgap.getMetadata()` on a site with airgap
2. Right click on the printed object, and click `Copy object`
3. Place output of file in a file named `services.json`
4. Run:
transcend inventory consent-manager-service-json-to-yml --file=./services.json --output=./transcend.yml
5. Run:
transcend inventory push --auth="$TRANSCEND_API_KEY" --file=./transcend.yml --classifyService
FLAGS
[--file] Path to the services.json file, output of await airgap.getMetadata() [default = ./services.json]
[--output] Path to the output transcend.yml to write to [default = ./transcend.yml]
-h --help Print help information and exitConvert data flow configurations in folder to yml in ./transcend.yml
transcend inventory consent-manager-service-json-to-ymlWith file locations
transcend inventory consent-manager-service-json-to-yml --file=./folder/services.json --output=./folder/transcend.ymlUSAGE
transcend inventory consent-managers-to-business-entities (--consentManagerYmlFolder value) [--output value]
transcend inventory consent-managers-to-business-entities --help
This command allows for converting a folder or Consent Manager transcend.yml files into a single transcend.yml file where each consent manager configuration is a Business Entity in the data inventory.
FLAGS
--consentManagerYmlFolder Path to the folder of Consent Manager transcend.yml files to combine
[--output] Path to the output transcend.yml with business entity configuration [default = ./combined-business-entities.yml]
-h --help Print help information and exitCombine files in folder to file ./combined-business-entities.yml
transcend inventory consent-managers-to-business-entities --consentManagerYmlFolder=./working/consent-managers/Specify custom output file
transcend inventory consent-managers-to-business-entities \
--consentManagerYmlFolder=./working/consent-managers/ \
--output=./custom.ymlUSAGE
transcend admin generate-api-keys (--email value) (--password value) (--apiKeyTitle value) (--file value) (--scopes View Only|Full Admin|Rotate Hosted Sombra keys|Manage Global Attributes|Manage Access Controls|Manage Billing|Manage SSO|Manage API Keys|Manage Organization Information|Manage Email Domains|Manage Data Sub Categories|View Customer Data in Privacy Requests|View Customer Data in Data Mapping|View API Keys|View Audit Events|View SSO|View Scopes|View All Action Items|Manage All Action Items|View Employees|View Email Domains|View Global Attributes|View Legal Hold|Manage Legal Holds|Manage Request Security|Manage Request Compilation|Manage Assigned Privacy Requests|Submit New Data Subject Request|Manage Data Subject Request Settings|Manage Email Templates|Manage Request Identity Verification|Publish Privacy Center|Manage Data Map|Manage Privacy Center Layout|Manage Policies|View Policies|Manage Internationalization Messages|View Internationalization Messages|Request Approval and Communication|View Data Subject Request Settings|View the Request Compilation|View Identity Verification Settings|View Incoming Requests|View Assigned Privacy Requests|View Privacy Center Layout|View Email Templates|Connect Data Silos|Manage Data Inventory|Manage Assigned Data Inventory|Manage Assigned Integrations|View Data Map|View Assigned Integrations|View Assigned Data Inventory|View Data Inventory|Manage Consent Manager|Manage Consent Manager Developer Settings|Manage Consent Manager Display Settings|Deploy Test Consent Manager|Deploy Consent Manager|Manage Assigned Consent Manager|Manage Data Flows|View Data Flows|View Assigned Consent Manager|View Consent Manager|View Assessments|Manage Assessments|View Assigned Assessments|Manage Assigned Assessments|View Pathfinder|Manage Pathfinder|View Contract Scanning|Manage Contract Scanning|View Prompts|Manage Prompts|View Prompt Runs|Manage Prompt Runs|View Code Scanning|Manage Code Scanning|Execute Prompt|View Auditor Runs|Manage Auditor Runs and Schedules|Execute Auditor|Approve Prompts|Manage Action Item Collections|View Managed Consent Database Admin API|Modify User Stored Preferences|Manage Preference Store Settings|View Preference Store Settings|LLM Log Transfer|Manage Workflows|View Data Sub Categories) [--deleteExistingApiKey] [--createNewApiKey] [--parentOrganizationId value] [--transcendUrl value]
transcend admin generate-api-keys --help
This command allows for creating API keys across multiple Transcend instances. This is useful for customers that are managing many Transcend instances and need to regularly create, cycle or delete API keys across all of their instances.
Unlike the other commands that rely on API key authentication, this command relies upon username/password authentication. This command will spit out the API keys into a JSON file, and that JSON file can be used in subsequent CLI commands.
Authentication requires your email and password for the Transcend account. This command will only generate API keys for Transcend instances where you have the permission to "Manage API Keys".
FLAGS
--email The email address that you use to log into Transcend
--password The password for your account login
--apiKeyTitle The title of the API key being generated or destroyed
--file The file where API keys should be written to
--scopes The list of scopes that should be given to the API key [View Only|Full Admin|Rotate Hosted Sombra keys|Manage Global Attributes|Manage Access Controls|Manage Billing|Manage SSO|Manage API Keys|Manage Organization Information|Manage Email Domains|Manage Data Sub Categories|View Customer Data in Privacy Requests|View Customer Data in Data Mapping|View API Keys|View Audit Events|View SSO|View Scopes|View All Action Items|Manage All Action Items|View Employees|View Email Domains|View Global Attributes|View Legal Hold|Manage Legal Holds|Manage Request Security|Manage Request Compilation|Manage Assigned Privacy Requests|Submit New Data Subject Request|Manage Data Subject Request Settings|Manage Email Templates|Manage Request Identity Verification|Publish Privacy Center|Manage Data Map|Manage Privacy Center Layout|Manage Policies|View Policies|Manage Internationalization Messages|View Internationalization Messages|Request Approval and Communication|View Data Subject Request Settings|View the Request Compilation|View Identity Verification Settings|View Incoming Requests|View Assigned Privacy Requests|View Privacy Center Layout|View Email Templates|Connect Data Silos|Manage Data Inventory|Manage Assigned Data Inventory|Manage Assigned Integrations|View Data Map|View Assigned Integrations|View Assigned Data Inventory|View Data Inventory|Manage Consent Manager|Manage Consent Manager Developer Settings|Manage Consent Manager Display Settings|Deploy Test Consent Manager|Deploy Consent Manager|Manage Assigned Consent Manager|Manage Data Flows|View Data Flows|View Assigned Consent Manager|View Consent Manager|View Assessments|Manage Assessments|View Assigned Assessments|Manage Assigned Assessments|View Pathfinder|Manage Pathfinder|View Contract Scanning|Manage Contract Scanning|View Prompts|Manage Prompts|View Prompt Runs|Manage Prompt Runs|View Code Scanning|Manage Code Scanning|Execute Prompt|View Auditor Runs|Manage Auditor Runs and Schedules|Execute Auditor|Approve Prompts|Manage Action Item Collections|View Managed Consent Database Admin API|Modify User Stored Preferences|Manage Preference Store Settings|View Preference Store Settings|LLM Log Transfer|Manage Workflows|View Data Sub Categories, separator = ,]
[--deleteExistingApiKey/--noDeleteExistingApiKey] When true, if an API key exists with the specified apiKeyTitle, the existing API key is deleted [default = true]
[--createNewApiKey/--noCreateNewApiKey] When true, new API keys will be created. Set to false if you simply want to delete all API keys with a title [default = true]
[--parentOrganizationId] Filter for only a specific organization by ID, returning all child accounts associated with that organization
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
-h --help Print help information and exitGenerate API keys for cross-instance usage
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./working/auth.jsonSpecifying the backend URL, needed for US hosted backend infrastructure
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./working/auth.json \
--transcendUrl=https://api.us.transcend.ioFilter for only a specific organization by ID, returning all child accounts associated with that organization
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./working/auth.json \
--parentOrganizationId=7098bb38-070d-4f26-8fa4-1b61b9cdef77Delete all API keys with a certain title
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./working/auth.json \
--createNewApiKey=falseThrow error if an API key already exists with that title, default behavior is to delete the existing API key and create a new one with that same title
transcend admin generate-api-keys \
[email protected] \
--password="$TRANSCEND_PASSWORD" \
--scopes="View Email Templates,View Data Map" \
--apiKeyTitle="CLI Usage Cross Instance Sync" \
--file=./working/auth.json \
--deleteExistingApiKey=falseFind your organization ID
You can use the following GQL query on the EU GraphQL Playground or US GraphQL Playground to get your organization IDs and their parent/child relationships.
query {
user {
organization {
id
parentOrganizationId
}
}
}USAGE
transcend admin chunk-csv (--directory value) [--outputDir value] [--clearOutputDir] [--chunkSizeMB value] [--concurrency value] [--viewerMode]
transcend admin chunk-csv --help
Streams every CSV in --directory and writes chunked files of approximately N MB each.
- Runs files in parallel across worker processes (configurable via --concurrency).
- Validates row-length consistency against the header row; logs periodic progress and memory usage.
FLAGS
--directory Directory containing CSV files to split (required)
[--outputDir] Directory to write chunk files (defaults to each input file's directory)
[--clearOutputDir/--noClearOutputDir] Clear the output directory before writing chunks [default = true]
[--chunkSizeMB] Approximate chunk size in megabytes. Keep well under JS string size limits [default = 10]
[--concurrency] Max number of worker processes (defaults based on CPU and file count)
[--viewerMode] Run in non-interactive viewer mode (no attach UI, auto-artifacts) [default = false]
-h --help Print help information and exitChunk a file into smaller CSV files
transcend admin chunk-csv --directory=./working/files --outputDir=./working/chunksSpecify chunk size in MB
transcend admin chunk-csv --directory=./working/files --outputDir=./working/chunks --chunkSizeMB=250Specify concurrency (pool size)
transcend admin chunk-csv --directory=./working/files --outputDir=./working/chunks --concurrency=4Viewer mode - no ability to switch between files
transcend admin chunk-csv --directory=./working/files --outputDir=./working/chunks --viewerModeClear output directory before writing chunks
transcend admin chunk-csv --directory=./working/files --outputDir=./working/chunks --clearOutputDirRun with all options
transcend admin chunk-csv \
--directory=./working/files \
--outputDir=./working/chunks \
--chunkSizeMB=100 \
--concurrency=2 \
--viewerMode=false \
--clearOutputDirRun with no output directory specified (defaults to input directory)
transcend admin chunk-csv --directory=./working/filesUSAGE
transcend migration sync-ot [--hostname value] [--oneTrustAuth value] [--source oneTrust|file] [--transcendAuth value] [--transcendUrl value] [--file value] [--resource assessments] [--dryRun] [--debug]
transcend migration sync-ot --help
Pulls resources from a OneTrust and syncs them to a Transcend instance. For now, it only supports retrieving OneTrust Assessments.
This command can be helpful if you are looking to:
- Pull resources from your OneTrust account.
- Migrate your resources from your OneTrust account to Transcend.
OneTrust authentication requires an OAuth Token with scope for accessing the assessment endpoints.
If syncing the resources to Transcend, you will also need to generate an API key on the Transcend Admin Dashboard.
FLAGS
[--hostname] The domain of the OneTrust environment from which to pull the resource
[--oneTrustAuth] The OAuth access token with the scopes necessary to access the OneTrust Public APIs
[--source] Whether to read the assessments from OneTrust or from a file [oneTrust|file, default = oneTrust]
[--transcendAuth] The Transcend API key. Requires scopes: "Manage Assessments"
[--transcendUrl] URL of the Transcend backend. Use https://api.us.transcend.io for US hosting [default = https://api.transcend.io]
[--file] Path to the file to pull the resource into. Must be a json file!
[--resource] The resource to pull from OneTrust. For now, only assessments is supported [assessments, default = assessments]
[--dryRun] Whether to export the resource to a file rather than sync to Transcend [default = false]
[--debug] Whether to print detailed logs in case of error [default = false]
-h --help Print help information and exitIn order to use this command, you will need to generate a OneTrust OAuth Token with scope for accessing the following endpoints:
- GET /v2/assessments
- GET /v2/assessments/{assessmentId}/export
- GET /risks/{riskId}
- GET /v2/Users/{userId}
To learn how to generate the token, see the OAuth 2.0 Scopes and Generate Access Token pages.
Syncs all assessments from the OneTrust instance to Transcend
transcend migration sync-ot \
--hostname=trial.onetrust.com \
--oneTrustAuth="$ONE_TRUST_OAUTH_TOKEN" \
--transcendAuth="$TRANSCEND_API_KEY"Set dryRun to true and sync the resource to disk (writes out file to ./oneTrustAssessments.json)
transcend migration sync-ot \
--hostname=trial.onetrust.com \
--oneTrustAuth="$ONE_TRUST_OAUTH_TOKEN" \
--dryRun \
--file=./oneTrustAssessments.jsonSync to Transcend by reading from file instead of OneTrust
transcend migration sync-ot --source=file --file=./oneTrustAssessments.json --transcendAuth="$TRANSCEND_API_KEY"If you are integrating Transcend's Prompt Manager into your code, it may look like:
import * as t from 'io-ts';
import { TranscendPromptManager } from '@transcend-io/cli';
import {
ChatCompletionMessage,
PromptRunProductArea,
} from '@transcend-io/privacy-types';
/**
* Example prompt integration
*/
export async function main(): Promise<void> {
// Instantiate the Transcend Prompt Manager instance
const promptManager = new TranscendPromptManager({
// API key
transcendApiKey: process.env.TRANSCEND_API_KEY,
// Define the prompts that are stored in Transcend
prompts: {
test: {
// identify by ID
id: '30bcaa79-889a-4af3-842d-2e8ba443d36d',
// no runtime variables
paramCodec: t.type({}),
// response is list of strings
outputCodec: t.array(t.string),
},
json: {
// identify by title
title: 'test',
// one runtime variable "test"
paramCodec: t.type({ test: t.string }),
// runtime is json object
outputCodec: t.record(t.string, t.string),
// response is stored in <json></json> atg
extractFromTag: 'json',
},
predictProductLine: {
// identify by title
title: 'Predict Product Line',
// runtime parameter for slack channel name
paramCodec: t.type({
slackChannelName: t.string,
}),
// response is specific JSON shape
outputCodec: t.type({
product: t.union([t.string, t.null]),
clarification: t.union([t.string, t.null]),
}),
// response is stored in <json></json> atg
extractFromTag: 'json',
},
},
// Optional arguments
// transcendUrl: 'https://api.us.transcend.io', // defaults to 'https://api.transcend.io'
// requireApproval: false, // defaults to true
// cacheDuration: 1000 * 60 * 60, // defaults to undefined, no cache
// defaultVariables: { myVariable: 'this is custom', other: [{ name: 'custom' }] }, // defaults to {}
// handlebarsOptions: { helpers, templates }, // defaults to {}
});
// Fetch the prompt from Transcend and template any variables
// in this case, we template the slack channel name in the LLM prompt
const systemPrompt = await promptManager.compilePrompt('predictProductLine', {
slackChannelName: channelName,
});
// Parameters to pass to the LLM
const input: ChatCompletionMessage[] = [
{
role: 'system',
content: systemPrompt,
},
{
role: 'user',
content: input,
},
];
const largeLanguageModel = {
name: 'gpt-4',
client: 'openai' as const,
};
const temperature = 1;
const topP = 1;
const maxTokensToSample = 1000;
// Run prompt against LLM
let response: string;
const t0 = new Date().getTime();
try {
response = await openai.createCompletion(input, {
temperature,
top_p: topP,
max_tokens: maxTokensToSample,
});
} catch (err) {
// report error upon failure
await promptManager.reportPromptRunError('predictProductLine', {
promptRunMessages: input,
duration: new Date().getTime() - t0,
temperature,
topP,
error: err.message,
maxTokensToSample,
largeLanguageModel,
});
}
const t1 = new Date().getTime();
// Parsed response as JSON and do not report to Transcend
// const parsedResponse = promptManager.parseAiResponse(
// 'predictProductLine',
// response,
// );
// Parsed response as JSON and report output to Transcend
const parsedResponse = await promptManager.reportAndParsePromptRun(
'predictProductLine',
{
promptRunMessages: [
...input,
{
role: 'assistant',
content: response,
},
],
duration: t1 - t0,
temperature,
topP,
maxTokensToSample,
largeLanguageModel,
// Optional parameters
// name, // unique identifier for this run
// productArea, // Transcend product area that the prompt relates to
// runByEmployeeEmail, // Employee email that is executing the request
// promptGroupId, // The prompt group being reported
},
);
}If you are trying to use the CLI inside a corporate firewall and need to send traffic through a proxy, you can do so via the http_proxy environment variable,with a command like http_proxy=http://localhost:5051 transcend inventory pull --auth=$TRANSCEND_API_KEY.