Security
HTTPS: All communications are encrypted for confidentiality and integrity.
OAuth 2.0 with Client Credentials grant is used for authentication, so you need client_id and client_secret to generate access token.
NOTE
-
Never use personal identifiers (like Social Security Number) as customer ID. It should be a unique, synthetic identifier in your system.
-
GET all customers every hour/day/month without specifying threshold date (cursor). You do not need to call collection endpoints more than once a day, in most cases.
-
POST all customers to CDC every day.