We store users’ email and phone numbers in our persistence storage historically and are in process of implementing the Personal Data Reporting API(https://developer.atlassian.com/cloud/jira/platform/user-privacy-developer-guide/).
I don’t fully understand reading the above mentioned doc how exactly this API work,
does this API need to be invoked somewhere in app code? Should we have a job which runs this API in every 15 days - if yes, how does that job authenticate to invoke that API?
From an invocation perspective, I understand that its a POST API which expects us to provide a list of accountIds whose personal data we are storing.
Please if someone can elaborate what is the expectation here. How does the personal data reporting flow supposed to work? Apps calling this API every 15 days inside app code where JWT is obtained or if any other vendor has already done the implementation.
I’m pretty new to Atlassian-connect and really don’t have a lot of idea as to how this API needs to work. Excuse my naiveness.