TRAX LRS provides a pseudonymization feature which consists in replacing agents identities by artificial identities for all the incoming statements.
When this feature is enabled, the statements of your LRS no longer contain real agents identities (except for the authority).
{danger} Configure the pseudonymization before starting to record statements. Then, don't change these settings or you may get inconsistent behaviors.
Pseudonymization is disabled by default and can be enabled in the .env
file.
To enable both agents and groups pseudonymization:
XAPI_STORE_PROFILE=full_pseudo
To enable agents pseudonymization only:
XAPI_STORE_PROFILE=partial_pseudo
Artificial identities looks like this:
{
"account": {
"name": "3f81141f-f4a8-42d3-9be0-99637cc32548",
"homePage": "http://pseudo.traxlrs.com"
}
}
The account.name
is a generated UUID. The account.homePage
can be configured in the .env
file:
XAPI_STORE_PSEUDO_IRI=http://pseudo.traxlrs.com
When pseudomization is enabled, TRAX LRS keeps the relation between real and artificial identities.
This relation can be checked with the standard Agents API
.
You can use artificial identities in the agent
filter of the standard Statements API
.
It will return statements with artificial identities.
As long as the relation between the real and artificial agents exists,
you can use real identities in the agent
filter of the standard Statements API
.
It will return statements with real identities.
You can remove real identities from the LRS, which is a great feature to comply with the GDPR. The statements are not removed. They stay into the LRS with artificial identities.
The standard API does not provide any feature to remove agents from an LRS. However, TRAX LRS extended APIs does.
In order to remove an agent from the LRS, you a client/access with the Manage xAPI Data
permission.
Then, you can use the endpoint http://traxlrs.test/trax/api/<uuid-generated-for-your-access>/xapi/ext/agents
with the DELETE method and the following parameters:
{
"filters": {
"agent": {
"account": {
"name": "john",
"homePage": "http://traxlrs.com"
}
}
}
}
Pseudonymization has a significant impact on performances, both for writing and reading operations.
During writing operations, agents and relation tables must be updated and statements must be modified before being written.
During reading operations, real agents identities must be get from the agents table and statements must be modified before being returned.