MaxMind maintains a list of Do Not Sell My Personal Information requests. This API provides a simple way to retrieve privacy exclusion requests in an automated fashion.
API calls should be made with HTTP GET request to:
The query string may include the following parameter:
|RFC 3339 timestamp||If set, only updates made after this time will be returned. The value should be a valid RFC 3339 timestamp, e.g., |
Content-Type header will vary based on whether the request was successful
or not, and is detailed further in each of the two Response Body sections below.
The response will always include a
Content-Type header for a successful response will be
application/vnd.maxmind.com-privacy-exclusions+json; charset=UTF-8; version=1.0
Data will be returned as a JSON document in UTF-8 encoding. The document will be
a JSON object including the
exclusions key. Additional keys may be added in
The value for the
exclusions key is an array of objects, each representing one
Each exclusion object in the
exclusions array includes the following keys:
|enum||The governing law or rule that the exclusion was made under. Currently, the only valid type is |
|enum||The data type of the value being excluded. Currently, the only valid data type is |
|string||The value being excluded.|
|RFC 3339 timestamp||The time of the last update to the exclusion as an RFC 3339 timestamp.|
Please note that additional keys may be added in the future.
In the event an error occurs (the response indicates a 4xx or 5xx HTTP status),
the response may include a JSON document in the body. An error in content
negotiation will not include a body nor will many 5xx errors. Before attempting
to decode the body as JSON, you should verify that the
Content-Type of the
error response is
application/vnd.maxmind.com-error+json; charset=UTF-8; version=1.0.
If the JSON document is included in the response body, it will be an object
with the keys
code field is a static error code for
machine use. The value of any given
code will never change, but
codes can be
added or removed. The error field is a human-readable description of the error
and may change at any time.
In addition to the errors documented below, client code should also be prepared to handle any valid HTTP 4xx or 5xx status code.
|Code Error||HTTP Status||Error Mode|
|TIMESTAMP_INVALID||400 Bad Request||The |
|AUTHORIZATION_INVALID||401 Unauthorized||Your account ID or license key could not be authenticated.|
|ACCOUNT_ID_REQUIRED||401 Unauthorized||An account ID and license key are required to use this service.|
|LICENSE_KEY_REQUIRED||401 Unauthorized||An account ID and license key are required to use this service.|
|PERMISSION_REQUIRED||403 Forbidden||You do not have permission to use the service. Please contact email@example.com for more information.|
|(none)||503 Service Not Available||There is a problem with the web service server. You can check the status of our services, or try this request again later.|
This page was last updated on December 2, 2022.