accountDataExport

Tenant admin (bearer) ESSENTIAL+ callable

GDPR Art. 20 right-to-data-portability. Returns a signed Storage URL to a JSON export.

METHOD POST
PATH /accountDataExport
AUTH Tenant admin (bearer)

Aggregates every record we hold for a tenant — metadata, events, photo metadata, team users, DSARs — into a single JSON blob, uploads it to Storage, and returns a 1-hour signed download URL. Photo image URLs inside the export are re-signed with a 24h TTL. 6h cooldown per tenant (prevents abuse — a multi-GB tenant export is expensive). Capped at 5000 signed photo URLs per export.

AUTH NOTE

Requires a Firebase Auth ID token with role=admin (or superadmin) custom claim. Tenant-scoped unless invoked by a superadmin with an explicit tenantId.

Request

FieldTypeRequiredDescription
tenantId string no Superadmin-only: export on behalf of another tenant. Tenant admins always export their own tenant.

EXAMPLE BODY

{}

Response

FieldTypeAlways presentDescription
url string yes Signed URL (v4, 1h TTL) to the export JSON blob.
filename string yes Path inside the Storage bucket.
exportedAt string yes ISO 8601 UTC timestamp when the export was generated.
expiresAt string yes ISO 8601 UTC timestamp when the signed URL expires.
counts.events number yes Number of events in the export.
counts.users number yes Number of team users.
counts.dsar number yes Number of DSAR requests linked to the tenant's events.
counts.photoUrlsSigned number yes Number of photo URLs that were re-signed (capped at 5000).

EXAMPLE BODY

{
  "url": "https://storage.googleapis.com/fotowall-exports/.../data-export-1715000000000.json?X-Goog-Signature=...",
  "filename": "exports/jse-events/data-export-1715000000000.json",
  "exportedAt": "2026-05-21T14:22:08.000Z",
  "expiresAt": "2026-05-21T15:22:08.000Z",
  "counts": {
    "events": 12,
    "users": 4,
    "dsar": 1,
    "photoUrlsSigned": 742
  }
}

curl

curl -X POST https://us-central1-freedomgrc-photowall.cloudfunctions.net/accountDataExport \
  -H "Authorization: Bearer <firebase-id-token>" \
  -H "Content-Type: application/json" \
  -d '{"data":{}}'

JavaScript

We don't ship a first-party JS SDK yet (it's on the roadmap). For callable endpoints, the Firebase Functions SDK is the recommended path — it handles ID-token attachment and payload framing. Plain fetch works too. 

import { getFunctions, httpsCallable } from 'firebase/functions';

const functions = getFunctions(app, 'us-central1');
const exportFn  = httpsCallable(functions, 'accountDataExport');

const { data } = await exportFn({});
window.location = data.url;   // download the signed URL

Error cases

CodeWhen
unauthenticated No Firebase Auth ID token.
permission-denied Caller is not admin or superadmin. Moderator/viewer roles cannot export.
not-found Tenant does not exist (rare — typically a config issue).
resource-exhausted Tenant exported within the last 6 hours.
internal Storage upload, signing, or aggregation failed.

Related endpoints

Need a different shape?

The API surface is small. Tell us what you need and we'll work backward from your integration.

Request an endpoint Back to API index