Quickstart
Set up your Neostra tenant, configure your first DSAR workflow, and submit a test privacy request.
Prerequisites
You need a Neostra tenant account. Contact your administrator or sign up at your organization's Neostra instance.
Step 1: Sign In and Select Tenant
Authenticate
POST to the authentication endpoint with your credentials:
curl -X POST https://api.neostra.io/v1/auth/signin \
-H "Content-Type: application/json" \
-d '{
"email": "your-email@company.com",
"password": "your-password"
}'
The response includes a JWT token and a list of tenants you have access to.
Select Tenant
If you belong to multiple tenants, select one:
curl -X POST https://api.neostra.io/v1/auth/select-tenant \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"tenantId": "your-tenant-id"
}'
This returns a tenant-scoped JWT token for all subsequent API calls.
Step 2: Configure a Brand
Brands represent business units or product lines within your tenant. All privacy operations are scoped to a brand.
curl -X POST https://api.neostra.io/v1/brand/create \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "My Product",
"domains": ["myproduct.com"],
"active": true
}'
Step 3: Create a DSAR Intake Form
Intake forms are the public-facing forms where data subjects submit privacy requests.
Navigate to DSAR > Intake Forms > New Form. Configure fields like name, email, request type, and any custom fields. Publish the form to make it available.
curl -X POST https://api.neostra.io/v1/forms/create \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Privacy Request Form",
"brandId": "your-brand-id",
"fields": [
{"key": "fullName", "type": "text", "required": true},
{"key": "email", "type": "email", "required": true},
{"key": "requestType", "type": "select", "required": true}
]
}'
Step 4: Set Up a Workflow
Workflows define how requests are routed, assigned, and fulfilled.
curl -X POST https://api.neostra.io/v1/workflow/create \
-H "Authorization: Bearer YOUR_JWT_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Standard DSAR Workflow",
"brandId": "your-brand-id",
"stages": [
{"name": "Intake", "order": 1},
{"name": "Verification", "order": 2},
{"name": "Fulfillment", "order": 3},
{"name": "Response", "order": 4}
]
}'
Publish the workflow to activate it:
curl -X POST https://api.neostra.io/v1/workflow/{workflowId}/publish \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Step 5: Submit a Test Request
Submit a privacy request through the public endpoint (no authentication required):
curl -X POST https://api.neostra.io/v1/public/subject-request/create \
-H "Content-Type: application/json" \
-d '{
"intakeFormId": "your-form-id",
"locale": "en",
"requestTypes": ["data_access"],
"email": "testuser@example.com",
"userEnteredData": [
{"key": "fullName", "value": "Test User"},
{"key": "email", "value": "testuser@example.com"}
],
"userInfo": {
"email": "testuser@example.com",
"firstName": "Test",
"lastName": "User"
}
}'
Step 6: Track and Fulfill
View Requests
The request appears in your DSAR dashboard. List all requests via API:
curl https://api.neostra.io/v1/subjectrequest/list \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Manage Tasks
The workflow engine creates tasks for each stage. View and complete tasks:
curl https://api.neostra.io/v1/task/list \
-H "Authorization: Bearer YOUR_JWT_TOKEN"
Send Response
Use response templates to generate and send the final response to the data subject.
Next Steps
Last updated 1 week ago
Built with Documentation.AI