search
HomepageCase studiesBook a demo

Opt-Out

How to Allow Users to Opt-Out from the Loyalty Program

As an administrator, you need to provide users with clear and easy options to opt-out of the loyalty program when they wish to do so. This guide outlines the three methods available for users to opt-out, along with the necessary API calls to implement these actions.

hashtag
1. Deactivation

Description: Deactivation allows users to temporarily leave the loyalty program while retaining the option to reactivate their account in the future. This is useful for users who may wish to take a break from the program but keep their accumulated points and rewards intact.

Implementation Steps:

  1. User Interface:

    • Ensure the option to deactivate is available in the user's account settings.

    • Provide clear instructions and confirmation prompts to avoid accidental deactivations.

  2. API Call:

hashtag
Deactivate a member

post

Management This method allows deactivating a specific Member account.

Authorizations
AuthorizationstringRequired

Open Loyalty has the JWT authorization. To learn what a JSON Web Token is and how it works, check out Introduction to JSON Web Tokens https://jwt.io/introduction/

Obtain an access token

Send a request with the parameters username and password

Definition

POST /api/admin/login_check Go to definition
POST /api/{storeCode}/member/login_check Go to definition

Example

curl {HOST}/api/admin/login_check
    -H 'Content-Type: application/json;charset=UTF-8'
    -H 'Accept: application/json, text/plain, */*'
    --data-binary '{"username":"admin","password":"password"}'

Example Response

{
    "token":"eyJhbGciOiJSUzI1NiIsInR5cCI6...",
    "refresh_token":"0558f8bb29948c4e54c443f..."
}

Using JSON Web Token

Add authorization header to each request
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...
You can now access any API method you want under the /api prefix.

Example

curl {HOST}/api/{storeCode}/analytics/members
    -H 'Accept: application/json'
    -H 'Content-type: application/x-www-form-urlencoded'
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...'

Refresh JSON Web Token

You can refresh token using refresh_token that was given during login.
There are two endpoints
To refresh admin token POST /api/token/refresh Go to definition
To refresh member token POST /api/{storeCode}/token/refresh Go to definition

Path parameters
memberstringRequiredPattern: [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|email=[a-zA-Z0-9!#$%&'\.*+\-@=?^_`{|}~;]+|phone=[0-9+]+|loyaltyCardNumber=[0-9a-zA-Z\._-]+
storeCodestringRequired

Store code

Responses
post
/api/{storeCode}/member/{member}/deactivate
No content

Please refer to our API Docsarrow-up-right for more information.

hashtag
2. Anonymization

Description: Anonymization allows users to opt-out by removing all personally identifiable information (PII) from the system. However, loyalty data is retained for analytical purposes. This method ensures that users' privacy is protected while allowing the program to maintain valuable data for insights.

Implementation Steps:

  1. User Interface:

    • Provide an anonymization option in the user's account settings.

    • Clearly explain that this action is irreversible and requires re-registration for future participation.

  2. API Call:

hashtag
Anonymize member’s data

post

Management This method allows anonymizing a specific member account.

Authorizations
AuthorizationstringRequired

Open Loyalty has the JWT authorization. To learn what a JSON Web Token is and how it works, check out Introduction to JSON Web Tokens https://jwt.io/introduction/

Obtain an access token

Send a request with the parameters username and password

Definition

POST /api/admin/login_check Go to definition
POST /api/{storeCode}/member/login_check Go to definition

Example

curl {HOST}/api/admin/login_check
    -H 'Content-Type: application/json;charset=UTF-8'
    -H 'Accept: application/json, text/plain, */*'
    --data-binary '{"username":"admin","password":"password"}'

Example Response

{
    "token":"eyJhbGciOiJSUzI1NiIsInR5cCI6...",
    "refresh_token":"0558f8bb29948c4e54c443f..."
}

Using JSON Web Token

Add authorization header to each request
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...
You can now access any API method you want under the /api prefix.

Example

curl {HOST}/api/{storeCode}/analytics/members
    -H 'Accept: application/json'
    -H 'Content-type: application/x-www-form-urlencoded'
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...'

Refresh JSON Web Token

You can refresh token using refresh_token that was given during login.
There are two endpoints
To refresh admin token POST /api/token/refresh Go to definition
To refresh member token POST /api/{storeCode}/token/refresh Go to definition

Path parameters
memberstringRequiredPattern: [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|email=[a-zA-Z0-9!#$%&'\.*+\-@=?^_`{|}~;]+|phone=[0-9+]+|loyaltyCardNumber=[0-9a-zA-Z\._-]+
storeCodestringRequired

Store code

Responses
post
/api/{storeCode}/member/{member}/anonymize
No content

Please refer to our API Docsarrow-up-right for more information.

hashtag
3. Deletion

Description: Deletion permanently removes all data associated with a user's account, including both PII and loyalty data. This method is irreversible and is intended for users who wish to completely exit the program with no data retention.

Implementation Steps:

  1. User Interface:

    • Include a deletion option in the user's account settings.

    • Ensure users understand that this action will permanently delete all their data and cannot be undone.

  2. API Call:

hashtag
Delete a member

delete

Management This method allows removing a specific Member account.

Authorizations
AuthorizationstringRequired

Open Loyalty has the JWT authorization. To learn what a JSON Web Token is and how it works, check out Introduction to JSON Web Tokens https://jwt.io/introduction/

Obtain an access token

Send a request with the parameters username and password

Definition

POST /api/admin/login_check Go to definition
POST /api/{storeCode}/member/login_check Go to definition

Example

curl {HOST}/api/admin/login_check
    -H 'Content-Type: application/json;charset=UTF-8'
    -H 'Accept: application/json, text/plain, */*'
    --data-binary '{"username":"admin","password":"password"}'

Example Response

{
    "token":"eyJhbGciOiJSUzI1NiIsInR5cCI6...",
    "refresh_token":"0558f8bb29948c4e54c443f..."
}

Using JSON Web Token

Add authorization header to each request
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...
You can now access any API method you want under the /api prefix.

Example

curl {HOST}/api/{storeCode}/analytics/members
    -H 'Accept: application/json'
    -H 'Content-type: application/x-www-form-urlencoded'
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6...'

Refresh JSON Web Token

You can refresh token using refresh_token that was given during login.
There are two endpoints
To refresh admin token POST /api/token/refresh Go to definition
To refresh member token POST /api/{storeCode}/token/refresh Go to definition

Path parameters
memberstringRequiredPattern: [0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}|email=[a-zA-Z0-9!#$%&'\.*+\-@=?^_`{|}~;]+|phone=[0-9+]+|loyaltyCardNumber=[0-9a-zA-Z\._-]+
storeCodestringRequired

Store code

Responses
delete
/api/{storeCode}/member/{member}
No content

Please refer to our API Docsarrow-up-right for more information.

hashtag
Best Practices for Implementation

  • User Communication: Clearly communicate the implications of each opt-out method to users. Use confirmation dialogs and detailed descriptions to ensure users make informed decisions.

  • User Experience: Make the opt-out process user-friendly and easily accessible within the account settings.

  • Data Security: Ensure that all API calls and data handling comply with relevant data protection regulations, such as GDPR.

  • Support: Provide support contact information for users who may have questions or need assistance with the opt-out process.

hashtag
Conclusion

By implementing these three opt-out methods, you can provide users with flexible options to manage their participation in the loyalty program. Whether they choose to temporarily deactivate, anonymize their data, or permanently delete their account, ensuring a clear and secure process enhances user trust and satisfaction.

For further details on the APIs and additional configurations, refer to the Open Loyalty API Documentationarrow-up-right. If you need further assistance, please contact our support team.

Last updated

Was this helpful?