Web application configuration API - PUT data privacy of a web application

Updates data privacy parameters of the specified web application.

This API only supports web applications (including agentless applications and browser extensions). For mobile apps and custom applications, see Mobile and custom app API.

The request consumes and produces an application/json payload.

PUT	Managed	`https://{your-domain}/e/{your-environment-id}/api/config/v1/applications/web/{id}/dataPrivacy`
	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/applications/web/{id}/dataPrivacy`
	Environment ActiveGate	`https://{your-activegate-domain}/e/{your-environment-id}/api/config/v1/applications/web/{id}/dataPrivacy`

Authentication

To execute this request, you need an access token with Change data privacy settings (DataPrivacy) scope. To learn how to obtain and use it, see Tokens and authentication.

Parameters

Parameter	Type	Description	In	Required
id	string	The ID of the web application, where you want to update data privacy settings.	path	required
body	ApplicationDataPrivacy	JSON body of the request, containing new data privacy settings.	body	optional

Request body objects

The `ApplicationDataPrivacy` object

Data privacy settings of the application.

Element	Type	Description
metadata	ConfigurationMetadata	Metadata useful for debugging Can be `null`.
identifier	string	Dynatrace entity ID of the web application. Can be `null`.
dataCaptureOptInEnabled	boolean	Set to `true` to disable data capture and cookies until JavaScriptAPI `dtrum.enable()` is called.
persistentCookieForUserTracking	boolean	Set to `true` to set persistent cookie in order to recognize returning devices.
doNotTrackBehaviour	string	How to handle the "Do Not Track" header: `IGNORE_DO_NOT_TRACK`: ignore the header and capture the data. `CAPTURE_ANONYMIZED`: capture the data but do not tie it to the user. `DO_NOT_CAPTURE`: respect the header and do not capture. The element can hold these values `CAPTURE_ANONYMIZED` `DO_NOT_CAPTURE` `IGNORE_DO_NOT_TRACK`
sessionReplayDataPrivacy	SessionReplayDataPrivacySettings	Data privacy settings for Session Replay. Can be `null`.

The `ConfigurationMetadata` object

Metadata useful for debugging

Element Type Description

configurationVersions

integer[]

Element	Type	Description
configurationVersions	integer[]	A sorted list of the version numbers of the configuration. Can be `null`.
currentConfigurationVersions	string[]	A sorted list of version numbers of the configuration. Can be `null`.
clusterVersion	string	Dynatrace version. Can be `null`.

A sorted list of the version numbers of the configuration.

Can be null.

currentConfigurationVersions

string[]

A sorted list of version numbers of the configuration.

Can be null.

clusterVersion

string

Dynatrace version.

Can be null.

The `SessionReplayDataPrivacySettings` object

Data privacy settings for Session Replay.

Element Type Description

optInModeEnabled

boolean

Element	Type	Description
optInModeEnabled	boolean	If `true`, session recording is disabled until JavaScriptAPI `dtrum.enableSessionReplay()` is called. Can be `null`.
urlExclusionRules	string[]	A list of URLs to be excluded from recording. Can be `null`.
contentMaskingSettings	SessionReplayContentMaskingSettings	Content masking settings for Session Replay. For more details, see Configure Session Replay in Dynatrace Documentation. Can be `null`.

If true, session recording is disabled until JavaScriptAPI dtrum.enableSessionReplay() is called.

Can be null.

urlExclusionRules

string[]

A list of URLs to be excluded from recording.

Can be null.

contentMaskingSettings

SessionReplayContentMaskingSettings

Content masking settings for Session Replay.

For more details, see Configure Session Replay in Dynatrace Documentation.

Can be null.

The `SessionReplayContentMaskingSettings` object

Content masking settings for Session Replay.

For more details, see Configure Session Replay in Dynatrace Documentation.

Element Type Description

recordingMaskingSettingsVersion

integer

Element	Type	Description
recordingMaskingSettingsVersion	integer	The version of the content masking. You can use this API only with the version 2. If you're using version 1, set this field to `2` in the PUT request to switch to version 2.
recordingMaskingSettings	SessionReplayMaskingSetting	Configuration of the Session Replay masking. Can be `null`.
playbackMaskingSettings	SessionReplayMaskingSetting	Configuration of the Session Replay masking. Can be `null`.

The version of the content masking.

You can use this API only with the version 2.

If you're using version 1, set this field to 2 in the PUT request to switch to version 2.

recordingMaskingSettings

SessionReplayMaskingSetting

Configuration of the Session Replay masking.

Can be null.

playbackMaskingSettings

SessionReplayMaskingSetting

Configuration of the Session Replay masking.

Can be null.

The `SessionReplayMaskingSetting` object

Configuration of the Session Replay masking.

Element Type Description

maskingPreset

string

Element	Type	Description
maskingPreset	string	The type of the masking: `MASK_ALL`: Mask all texts, user input, and images. `MASK_USER_INPUT`: Mask all data that is provided through user input `ALLOW_LIST`: Only elements, specified in maskingRules are shown, everything else is masked. `BLOCK_LIST`: Elements, specified in maskingRules are masked, everything else is shown. The element can hold these values `ALLOW_LIST` `BLOCK_LIST` `MASK_ALL` `MASK_USER_INPUT`
maskingRules	MaskingRule[]	A list of masking rules. Can be `null`.

The type of the masking:

MASK_ALL: Mask all texts, user input, and images.
MASK_USER_INPUT: Mask all data that is provided through user input
ALLOW_LIST: Only elements, specified in maskingRules are shown, everything else is masked.
BLOCK_LIST: Elements, specified in maskingRules are masked, everything else is shown.

The element can hold these values

ALLOW_LIST
BLOCK_LIST
MASK_ALL
MASK_USER_INPUT

maskingRules

MaskingRule[]

A list of masking rules.

Can be null.

The `MaskingRule` object

The masking rule defining how data is hidden.

Element Type Description

maskingRuleType

string

Element	Type	Description
maskingRuleType	string	The type of the masking rule. The element can hold these values `ATTRIBUTE` `ELEMENT`
selector	string	The selector for the element or the attribute to be masked. Specify a CSS expression for an element or a regular expression for an attribute.
userInteractionHidden	boolean	Interactions with the element are (`true`) or are not (`false) masked.

The type of the masking rule.

The element can hold these values

ATTRIBUTE
ELEMENT

selector

string

The selector for the element or the attribute to be masked.

Specify a CSS expression for an element or a regular expression for an attribute.

userInteractionHidden

boolean

Interactions with the element are (true) or are not (`false) masked.

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

json
{
  "metadata": {
    "configurationVersions": [
      4,
      2
    ],
    "currentConfigurationVersions": [
      "1.0.4",
      "1.23"
    ],
    "clusterVersion": "1.192.1"
  },
  "identifier": "string",
  "dataCaptureOptInEnabled": true,
  "persistentCookieForUserTracking": true,
  "doNotTrackBehaviour": "CAPTURE_ANONYMIZED",
  "sessionReplayDataPrivacy": {
    "optInModeEnabled": true,
    "urlExclusionRules": [
      "string"
    ],
    "contentMaskingSettings": {
      "recordingMaskingSettingsVersion": 2,
      "recordingMaskingSettings": {
        "maskingPreset": "ALLOW_LIST",
        "maskingRules": [
          {
            "maskingRuleType": "ATTRIBUTE",
            "selector": "string",
            "userInteractionHidden": false
          }
        ]
      },
      "playbackMaskingSettings": {}
    }
  }
}

Response

Response codes

Code	Type	Description
204	-	Success. Data privacy settings have been updated. Response doesn't have a body.
400	ErrorEnvelope	Failed. The input is invalid.

Validate payload

We recommend that you validate the payload before submitting it with an actual request. A response code of 204 indicates a valid payload.

The request consumes an application/json payload.

POST	Managed	`https://{your-domain}/e/{your-environment-id}/api/config/v1/applications/web/{id}/dataPrivacy/validator`
	SaaS	`https://{your-environment-id}.live.dynatrace.com/api/config/v1/applications/web/{id}/dataPrivacy/validator`
	Environment ActiveGate	`https://{your-activegate-domain}/e/{your-environment-id}/api/config/v1/applications/web/{id}/dataPrivacy/validator`

Authentication

To execute this request, you need an access token with Change data privacy settings (DataPrivacy) scope. To learn how to obtain and use it, see Tokens and authentication.

Response

Response codes

Code	Type	Description
204	-	Validated. The submitted configuration is valid. Response does not have a body.
400	ErrorEnvelope	Failed. The input is invalid.

Web application configuration API - PUT data privacy of a web application

Authentication

Parameters

Request body objects

The ApplicationDataPrivacy object

The ConfigurationMetadata object

The SessionReplayDataPrivacySettings object

The SessionReplayContentMaskingSettings object

The SessionReplayMaskingSetting object

The MaskingRule object

Request body JSON model

Response

Response codes

Validate payload

Authentication

Response

Response codes

The `ApplicationDataPrivacy` object

The `ConfigurationMetadata` object

The `SessionReplayDataPrivacySettings` object

The `SessionReplayContentMaskingSettings` object

The `SessionReplayMaskingSetting` object

The `MaskingRule` object