What's your biggest current challenge? Have your say in Community Polls along the right column.
Our Partner & Developer boards on the community are moving to a brand new home: the .dev community forums! While you can still access past discussions here, for all your future app and storefront building questions, head over to the new forums.

How to properly process customers/data_request webhook requests

How to properly process customers/data_request webhook requests

Chad_Johnson
Shopify Partner
33 1 18

We are implementing the GDPR webhook endpoints in our app and are wondering exactly how to respond to the "customers/data_request" webhook. From the documentation, the request payload looks like this:

 

{
  "shop_id": 954889,
  "shop_domain": "{shop}.myshopify.com",
  "orders_requested": [299938, 280263, 220458],
  "customer": {
    "id": 191167,
    "email": "john@example.com",
    "phone":  "555-625-1199"
  },
  "data_request": {
    "id": 9999
  }
}

 

Would our webhook respond with full order data (including "shipping_address", "billing_address", "customer", etc. fields) for the three orders referenced under "orders_requested"?

 

{
  "orders": [
    {
      // Full Shopify order data here for order 299938
    },
    {
      // Full Shopify order data here for order 280263
    },
    {
      // Full Shopify order data here for order 220458
    }
  ]
}

Or, would the webhook extract just the "customer" field (object) and return that for each referenced order?

 

{
  "orders": [
    {
      "id": 299938,
      "customer": {
        "id": 6380400443630,
        "email": "customer@example.com",
        "accepts_marketing": false,
        "created_at": "2023-03-22T09:57:02-07:00",
        "updated_at": "2023-03-22T09:57:02-07:00",
        "first_name": "Example",
        "last_name": "Customer",
        "orders_count": 13,
        "state": "disabled",
        "total_spent": "13.00",
        "last_order_id": 5077155873006,
        "note": null,
        "verified_email": true,
        "multipass_identifier": null,
        "tax_exempt": false,
        "tags": "",
        "last_order_name": "#1013",
        "currency": "USD",
        "phone": null,
        "accepts_marketing_updated_at": "2023-03-22T09:57:02-07:00",
        "marketing_opt_in_level": null,
        "tax_exemptions": [],
        "email_marketing_consent": {
          "state": "not_subscribed",
          "opt_in_level": "single_opt_in",
          "consent_updated_at": null
        },
        "sms_marketing_consent": null,
        "admin_graphql_api_id": "gid://shopify/Customer/6380400443630",
        "default_address": {
          "id": 7954574639342,
          "customer_id": 6380400443630,
          "first_name": "Example",
          "last_name": "Customer",
          "company": "",
          "address1": "",
          "address2": "",
          "city": "",
          "province": "Alabama",
          "country": "United States",
          "zip": "",
          "phone": "",
          "name": "Example Customer",
          "province_code": "AL",
          "country_code": "US",
          "country_name": "United States",
          "default": true
        }
      }
    },
    {
      "id": 280263,
      "customer": {
        // etc
      }
    },
    {
      "id": 220458,
      "customer": {
        // etc
      }
    }
  ]
}
Reply 1 (1)

nip34
Shopify Partner
2 0 1

I think just a 200 is ok with an empty body. It means you have received the webhook and you have processed it form your side.

 

This is how we have it now in a 1 year old  custom .net implementation.

 

Question:

But i wanted to ask you Chad how did you setup your gdpr webhooks in your nodejs/react project and panel?

Because we are trying like 2 weeks now without any success.

 

Panel side: GDPR webhooks urls are what?

- api/webhooks? the callback url in gdpr.js?

- webhooks/your-custom-url?

- /your-custom-url?

 

Nodejs/React Project: GDPR webhooks come at gdpr.js but i cant seem them to be registered.
So we tried having them in public urls  -> no success

We also tried having them in api "protected" urls -> no success

Also while making these changes, we change the admin panel settings above to change the urls.

 

Any ideas or how did you do it?