search

ethyca / fides

The Privacy Engineering & Compliance Framework
https://ethyca.com/docs
Apache License 2.0
359 stars 72 forks source link

allow DSRs with multiple identities #2451

Open Kelsey-Ethyca opened 1 year ago

Kelsey-Ethyca commented 1 year ago

Overview

If multiple identities are passed into a privacy request (email and phone_number) the SaaS connectors will raise the following exception

fides.api.ops.common_exceptions.FidesopsException: Only one identity can be specified for SaaS connector traversal

The expected behavior is that multiple identities should be supported by executing one read request per identity then consolidating the responses into a single Row (in this case the object representing a user/custom/account). If the individual identity requests cannot be consolidated (mismatched fields) then the request should error since the provided data most likely corresponds to two different subjects.

Kelsey-Ethyca commented 1 year ago

we do not verify the phone number so someone can put in their email put another's phone number, verify their email, and have get/delete another's account data

This is not possible today

We will need a ticket to address this

rsilvery commented 1 year ago

@Kelsey-Ethyca , @galvana if this is still required and there's a customer behind it, can you DM me the customer so we can track?