GDPR compliance: “Right to access” with the ALM Octane REST API - Technical Preview

  • Document ID:KM03156731
  • Creation Date:07-May-2018
  • Modified Date:09-Oct-2019
    • Micro Focus Products:
      alm octane

Summary

For GDPR compliance with the “Right to Access” article, you can query data to get information about user-related activities. This document provides examples for how to do this using the REST API.

Question

This article provides examples using the REST API for getting information about user-related activities in ALM Octane for GDPR compliance with the “Right to Access” article.

This feature is a technical preview, providing initial “Right to access” GDPR compliance. We expect that future versions of ALM Octane will provide additional functionality for this compliance.

Using the REST API, you can audit changes made by a specific user to any entity. Only the GET operation is supported.

Send the REST API requests with a header:

  •          Header:  HPECLIENTTYPE
  •          Value: HPE_REST_API_TECH_PREVIEW

Warning:

For performance purposes, you should use only filter by user and creation_time fields from the DB index and you must limit the number of responses by querying with the limit and offset clauses. See the ALM Octane Developer Guide for using limits and offsets: https://admhelp.microfocus.com/octane/en/latest/Online/Content/API/Paging.htm

 

Answer

Examples:

These examples demonstrate how you can query ALM Octane history to see user-related actions performed on entities by a particular user.

Note: For the purposes of these REST API requests, an action is any change to any individual field. If while updating an entity you change the value of three different fields, three actions are returned in the history for that one update.The total count represents the total number of actions, not the total number of updates.  For example, if you update 10 fields at one time, and set a limit of 1, the total count returned is 10. 

  • List the first 50 actions Bob performed.

    GET …/api/shared_spaces/1001/workspaces/1002/historys?query = "user EQ ^bob@TheCompany^ " &limit=50 &offset=0
     
  • List the next 50 actions Bob performed after 17.4.2018 20:59:59 and order by creation_time.

    GET …/api/shared_spaces/1001/workspaces/1002/historys?query = "user EQ ^bob@TheCompany^;creation_time GE ^272018-04-17T20:59:59Z^" &limit=50 &offset=50 &orderby=creation_time
     
  • Get the first 50 actions Maria made on entities created at a specific time.

    GET …/api/shared_spaces/1001/workspaces/1002/historys?query=”user EQ ^maria@TheCompany^;creation_time EQ ^272018-04-17T20:59:59Z^” &limit=50 &offset=0