Stuck on implementing the GDPR Right to Erasure workflow for our Zendesk-to-GC migration project. We are attempting to use the POST /api/v2/interactions/{id}/delete endpoint to remove personal data from archived interactions, but we are consistently hitting a 403 Forbidden error. This is happening specifically for interactions that were migrated from Zendesk using the bulk import tool, while interactions created natively in Genesys Cloud work perfectly fine with the same service account. The account has the interaction:delete permission and the compliance:admin role, which seemed sufficient based on the initial setup guide.
In Zendesk, we handled data deletion through ticket purging jobs that were quite straightforward, often just requiring a global admin toggle or a simple API call to the tickets endpoint. The mapping from Zendesk tickets to Genesys Cloud interactions seems to have introduced a hidden permission layer or a data ownership issue. The error response body is generic, returning {"errors": [{"code": "forbidden", "message": "User does not have permission to perform this action"}]}, which doesn’t help much with debugging. I have verified the interaction IDs and they are valid, existing in the EU-West region.
I suspect there might be a mismatch in how the migration tool set the creator or owner fields on these imported interactions. If the system thinks the interaction belongs to a suspended Zendesk agent account that no longer exists in GC, maybe the deletion is blocked? Or perhaps there is a specific compliance flag that needs to be set during the migration process to allow for post-migration deletion? The documentation on migrating compliance-sensitive data is sparse compared to the functional workflow docs.
We are running Genesys Cloud version 24.7.1 in the EU-West environment. The migration was completed two weeks ago using the standard CSV import method for historical tickets. Any insights on whether we need to re-assign ownership of these interactions before deletion, or if there is a specific permission set missing for migrated data? We need to resolve this before our compliance audit next week.