Settings API - End users' data privacy schema table
End users' data privacy (
Use the settings on this page to mask the personal data of your end users and ensure your organization's compliance with data-privacy regulations, including GDPR.
Unless otherwise stated, all privacy settings below apply to both the data captured from your end users' web browsers and the data captured by OneAgent on the server side. These settings ensure that none of your end-users' personal data are stored by Dynatrace. For complete details on ensuring the data privacy of your end users, see Data privacy and security in Dynatrace Help.
|Schema ID||Schema groups||Scope|
To execute this request, you need an access token with Read settings (
settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.
To provide your end users with the ability to decide for themselves if their activities should be tracked to measure application performance and usage, enable opt-in mode.
|doNotTrack||Do Not Track||DoNotTrack|
Most modern web browsers have a privacy feature called "Do Not Track" that individual users may have enabled on their devices. Customize how Dynatrace should behave when it encounters this setting.
Request body objects
|ipAddressMaskingEnabled||Mask end-user IP addresses and GPS coordinates||boolean|
Dynatrace captures the IP addresses of your end-users to determine the regions from which they access your application. To learn more, visit Mask IPs and GPS coordinates.
Dynatrace also captures GPS data from mobile apps that provide their users with the option of sharing geolocation data. On the server side, Dynatrace captures IP addresses to enable detailed troubleshooting for Dynatrace service calls.
Once enabled, IP address masking sets the last octet of monitored IPv4 addresses and the last 80 bits of IPv6 addresses to zeroes. GPS coordinates are rounded up to 1 decimal place (~10 km). This masking occurs in memory. Full IP addresses are never written to disk. Location lookups are made using anonymized IP addresses and GPS coordinates.
|personalDataUriMaskingEnabled||Mask personal data in URIs||boolean|
Dynatrace captures the URIs and request headers sent from desktop and mobile browsers. Dynatrace also captures full URIs on the server-side to enable detailed performance analysis of your applications. For complete details, visit Mask personal data in URIs.
URIs and request headers contain personal data. When this setting is enabled, Dynatrace automatically detects UUIDs, credit card numbers, email addresses, IP addresses, and other IDs and replaces those values with placeholders. The personal data is then masked in PurePath analysis, error analysis, user action naming for RUM, and elsewhere in Dynatrace.
|userActionMaskingEnabled||Mask user actions (web applications only)||boolean|
When Dynatrace detects a user action that triggers a page load or an AJAX/XHR action. To learn more about masking user actions, visit Mask user actions.
When Dynatrace detects a user action that triggers a page load or an AJAX/XHR action, it constructs a name for the user action based on:
In most instances, the default approach to user-action naming works well, resulting in user-action names such as:
In rare circumstances, confidential data (for example, email addresses, usernames, or account numbers) can be unintentionally included in user action names because the confidential data itself is included in an HTML element label, attribute, or other value (for example, click on "my Account Number: 1231231"...). If such confidential data appears in your application's user action names, enable the Mask user action names setting. This setting replaces specific HTML element names and values with generic HTML element names. With user-action name masking enabled, the user action names listed above appear as:
|persistentCookieEnabled||Use persistent cookies for user tracking||boolean|
When enabled, Dynatrace places a persistent cookie on all end-user devices to identify returning users.
|optInModeEnabled||Data-collection and opt-in mode||boolean|
With Data-collection and opt-in mode enabled, Real User Monitoring data isn't captured until dtrum.enable() is called for specific user sessions.
|complyWithDoNotTrack||Comply with "Do Not Track" browser settings||boolean||-||required|