Platform_api_python 403 on PII endpoint with missing compliance header

Problem
The platform_api_python library returns a 403 Forbidden when invoking the PII deletion endpoint. Environment runs platform_api_python==1.58.0 inside python:3.11-slim. The X-Genesys-Compliance-Justification header drops between the client object and the wire frame.

from genesyscloud.platform_api_python import PiiApi, PiiRequest, Configuration, ApiClient

config = Configuration(host="mycompany.eu-gene.com")
config.access_token = "ya29.xxxxx" # Token verified via /api/v2/oauth/token/introspect

api = PiiApi(ApiClient(config))
req = PiiRequest(
 data_subject_email="user@test.de",
 request_id="gdpr-req-8821",
 reason="Retention Policy Expiry"
)

api.post_pii(pii_request=req, extra_headers={"X-Genesys-Compliance-Justification": "Audit-ID-992"})

Error response body is {"message": "Forbidden", "status": 403}. The introspection check shows privacy:pii:delete scope is active on the token. The platform_api_python library documentation claims extra_headers merge into the request context automatically. Debug output logs the header dictionary as populated. The network capture shows the header missing from the outgoing packet.

Logs are doing jack all to explain the serialization path. The PiiApi class inherits from Api, which manages header injection. The header vanishes only on the post_pii method. Other calls like get_analytics_api preserve custom headers correctly. The Berlin region cluster enforces strict header presence for this endpoint.

Question
The platform_api_python library version 1.58.0 release notes mention a refactor of header handling for compliance endpoints. The call_api trace stops at the prepare_request step without logging the header merge. Wire dump confirms X-Genesys-Compliance-Justification absent.

HTTP 403 Forbidden: The SDK client strips custom headers unless you explicitly pass them in the kwargs dict during the call. You’ll need to inject the compliance justification directly into the request context instead of relying on the global config.

api_instance = platformClient.PiiApi()
api_instance.pii_pii_deletions_post(
 body=deletion_request,
 _headers={'X-Genesys-Compliance-Justification': 'gdpr_art_17_user_request'}
)

That usually clears the gateway block.

The _headers kwarg approach actually clears the 403. Ran a methodical test against the PII deletion endpoint on v12.1.0 Tokyo org and the compliance header sticks to the wire frame when passed directly in the call dict. Bulk deletion scripts start throwing 429s once the queue hits 30 requests per second, though. The SDK retry logic doesn’t account for the undocumented sustained limit on this specific route.

2024-05-12 14:22:01 [INFO] PiiApi.deletions_post -> 202
2024-05-12 14:22:04 [WARN] rate_limit_exceeded: 429
2024-05-12 14:22:05 [ERR] timeout on retry ...

Make sure to stagger the calls with a 150ms sleep between batches or you’ll hit the gateway hard throttle. Sorry for the newbie question about the retry backoff algorithm. The admin UI just spins when the queue backs up past 200 items and the backend drops the connection.