Purge Order Data
3 minute read
What you’ll learn
In this article you’ll learn how to use the GraphQL purgeOrderData mutation to purge PII and other forms of sensitive information from orders and their associated entities. We’ll cover
- Solution specifics
- The data that you can purge
- How to run the mutation to purge data
Solution Specifics
Before reading further, there are some important call outs on the solution that you should be aware of:
- This is an API only solution - there is currently not an equivalent feature in the Operator Portal
- Only Full Admins can execute this mutation (this privilege is derived from the account that created the API key being used)
- You cannot “un-purge” data, it is a 1-way operation
- We don’t ever purge the order / transaction, only relevant attributes on the order (and associated objects, e.g. invoices and line items etc.)
Disclaimer
Given the nature of this feature, we advise anyone using it does so at their own risk. We strongly suggest that you test out a number of scenarios in a non-production environment before adopting further. Marketplacer cannot be held responsible for any loss of data that arises from the use of this mutation.Purgeable Data
The following classifications of data can be purged:
ExternalIDs
By setting the purgeExternalIds input to true, we purge:
- ExternalIds on the
Order - ExternalIds on the associated
Invoiceobjects - ExternalIds on the associated
LineItemobjects - ExternalIds on the associated
Shipmentobjects
Metadata
By setting the purgeMetaData input to true, we purge:
- Metadata on the
Order - Metadata on the associated
Invoiceobjects - Metadata on the associated
LineItemobjects - Metadata on the associated
Shipmentobjects
Notes
By setting the purgeNotes input to true, we purge:
- Notes on the
Order(this field is not retrievable via GraphQL but is nonetheless purged) notefield on theShipmentobjects associated to theOrder- Set the value of the
contentfield on theInvoiceAnnotationobject to “purged” attachmentson theRefundRequestobjects associated to theOrderattachmentson theReturnShipmentobjects associated to theOrderattachmentson theRefundRequestNoteobjects associated to theOrdernotefield on theRefundRequestNoteobjects associated to theOrderreasonon theRefundRequestLineItemobjects associated to theOrderdenyRefundReasonon theRefundRequestLineItemobjects associated to theOrder
Order Details
By setting the purgeOrderDetails input to true, we purge:
addresson theOrderbillingAddresson theOrderemailAddresson theOrderfirstNameon theOrdersurnameon theOrderphoneon theOrdercompanyNameon theOrderbillingAddresson theOrderbillingCompanyNameon theOrderbillingEmailAddresson theOrderbillingFirstNameon theOrderbillingPhoneon theOrderbillingSurnameon theOrder
Running the Mutation
The following example details:
- Purging data for 1 order, (you can supply multiple ids if you like)
- Purging data for all 4 of the category types (you have to provide at least 1)
mutation{
purgeOrderData(input:
{
orderIds:["T3JkZXItMTEzODM="]
purgeNotes: true
purgeMetadata: true
purgeExternalIds: true
purgeOrderDetails: true
}
)
{
errors{
field
messages
}
}
}
Aside from returning any potential errors, there isn’t a dedicated return object type for this mutation. To understand the effect of running this mutation you can use any number of the existing queries that return orders. An example node query is shown below that returns a selection of the impacted fields for the order id we supplied above:
query {
nodes(ids: ["T3JkZXItMTEzODM="]) {
... on Order {
id
surname
address {
address
}
companyName
phone
}
}
}
And the example return payload looks as follows:
{
"data": {
"nodes": [
{
"id": "T3JkZXItMTEzODM=",
"surname": "",
"address": null,
"companyName": null,
"phone": ""
}
]
}
}