Delete Customization

Overview

Important This endpoint requires HMAC authentication.

Delete an existing customization by its unique identifier.

Authentication

This endpoint requires HMAC authentication. You must include the Date and Authorization headers. See Authentication for details.

Endpoint

DELETE https://live.luigisbox.tech/v1/recommender/pin/{TRACKER_ID}/scope/{CUSTOMIZATION_ID}

Request Parameters

To delete a customization, send a DELETE request to the endpoint with the tracker_id and customization_id in the path.

Path Parameters

Parameter	Type	Required	Description
`TRACKER_ID`	String	✓	Your unique tracker identifier.
`CUSTOMIZATION_ID`	UUID	✓	The unique ID of the customization to delete.

Request Headers

Header	Value	Description
`Content-Type`	`application/json`	Required.
`Date`	HTTP Date	Required for HMAC.
`Authorization`	Signature	Required for HMAC.

Example Request

shell

tracker_id="1234-5678"
customization_id="199620b4-df1a-46e8-ab59-9e9ed9af7106"
private_key="your_private_api_key"
host="https://live.luigisbox.tech"
path="/v1/recommender/pin/${tracker_id}/scope/${customization_id}"
method="DELETE"
content_type="application/json; charset=utf-8"
date=$(date -u "+%a, %d %b %Y %H:%M:%S GMT")

string_to_sign="$(printf "${method}\n${content_type}\n${date}\n${path}")"
signature=$(echo -n "${string_to_sign}" | openssl dgst -sha256 -hmac "${private_key}" -binary | base64)

curl -X ${method} "${host}${path}" \
     -H "Content-Type: ${content_type}" \
     -H "Date: ${date}" \
     -H "Authorization: ApiAuth ${tracker_id}:${signature}"

How to make a request

All requests to this endpoint must be authenticated using HMAC SHA-256. The examples on the right demonstrate the implementation in various languages, but the core logic follows these steps:

1. Construct the String to Sign

Create a string using the following components, separated by newlines (\n):

HTTP Method: DELETE
Content-Type: application/json; charset=utf-8
Date: The current timestamp in RFC 1123 format (e.g., Mon, 20 Jan 2025 12:00:00 GMT).
Request Path: The full resource path including the ID.

2. Generate the HMAC Signature

Create an HMAC SHA-256 hash of the string above using your Private API Key.
Encode the result in Base64 and trim whitespace.

3. Send the Headers

Include Date, Content-Type, and Authorization: ApiAuth {TRACKER_ID}:{SIGNATURE} in your request.

Example Code

require 'faraday'
require 'base64'
require 'openssl'
require 'json'
require 'time'

def generate_luigisbox_digest(private_key, http_method, endpoint_path, date_header, content_type_header)
  data = "#{http_method}\n#{content_type_header}\n#{date_header}\n#{endpoint_path}"
  hash = OpenSSL::HMAC.digest('sha256', private_key, data)
  Base64.strict_encode64(hash).strip
end

tracker_id = 'YOUR_TRACKER_ID'
customization_id = '199620b4-df1a-46e8-ab59-9e9ed9af7106'
private_key = 'your_private_api_key'
host = 'https://live.luigisbox.tech'
endpoint_path = "/v1/recommender/pin/#{tracker_id}/scope/#{customization_id}"

conn = Faraday.new(url: host)

http_method = 'DELETE'
content_type = 'application/json; charset=utf-8'
date_header = Time.now.utc.strftime("%a, %d %b %Y %H:%M:%S GMT")

signature = generate_luigisbox_digest(private_key, http_method, endpoint_path, date_header, content_type)
authorization_header = "ApiAuth #{tracker_id}:#{signature}"

response = conn.delete(endpoint_path) do |req|
  req.headers['Date'] = date_header
  req.headers['Content-Type'] = content_type
  req.headers['Authorization'] = authorization_header
end

puts response.status

<?php
require 'vendor/autoload.php';

use GuzzleHttp\Client;

function generateLuigisboxDigest($privateKey, $httpMethod, $endpointPath, $dateHeader, $contentTypeHeader) {
    $data = "{$httpMethod}\n{$contentTypeHeader}\n{$dateHeader}\n{$endpointPath}";
    $hash = hash_hmac('sha256', $data, $privateKey, true);
    return trim(base64_encode($hash));
}

$TRACKER_ID       = "YOUR_TRACKER_ID";
$CUSTOMIZATION_ID = "199620b4-df1a-46e8-ab59-9e9ed9af7106";
$YOUR_PRIVATE_KEY = "your_private_api_key";
$LUIGISBOX_HOST   = 'https://live.luigisbox.tech';
$ENDPOINT_PATH    = "/v1/recommender/pin/{$TRACKER_ID}/scope/{$CUSTOMIZATION_ID}";

$http_method  = 'DELETE';
$content_type = 'application/json; charset=utf-8';
$current_date = gmdate('D, d M Y H:i:s') . ' GMT';

$signature = generateLuigisboxDigest($YOUR_PRIVATE_KEY, $http_method, $ENDPOINT_PATH, $current_date, $content_type);
$authorization_header = "ApiAuth {$TRACKER_ID}:{$signature}";

$client = new GuzzleHttp\Client();
$response = $client->request($http_method, "{$LUIGISBOX_HOST}{$ENDPOINT_PATH}", [
        'headers' => [
            'Content-Type'  => $content_type,
            'Date'          => $current_date,
            'Authorization' => $authorization_header,
        ]
    ]);

echo $response->getStatusCode();
?>

const axios = require('axios');
const crypto = require('crypto');

function generateLuigisBoxDigest(privateKey, httpMethod, endpointPath, dateHeader, contentTypeHeader) {
  const data = </span><span class="p">${</span><span class="nx">httpMethod</span><span class="p">}</span><span class="s2">\n</span><span class="p">${</span><span class="nx">contentTypeHeader</span><span class="p">}</span><span class="s2">\n</span><span class="p">${</span><span class="nx">dateHeader</span><span class="p">}</span><span class="s2">\n</span><span class="p">${</span><span class="nx">endpointPath</span><span class="p">}</span><span class="s2">;
  const hmac = crypto.createHmac('sha256', privateKey);
  hmac.update(data);
  return hmac.digest('base64').trim();
}

const TRACKER_ID = "YOUR_TRACKER_ID";
const CUSTOMIZATION_ID = "199620b4-df1a-46e8-ab59-9e9ed9af7106";
const YOUR_PRIVATE_KEY = "your_private_api_key";
const LUIGISBOX_HOST = 'https://live.luigisbox.tech';
const ENDPOINT_PATH = /v1/recommender/pin/</span><span class="p">${</span><span class="nx">TRACKER_ID</span><span class="p">}</span><span class="s2">/scope/</span><span class="p">${</span><span class="nx">CUSTOMIZATION_ID</span><span class="p">}</span><span class="s2">;

const httpMethod = 'DELETE';
const contentType = 'application/json; charset=utf-8';
const dateHeader = new Date().toUTCString();

const signature = generateLuigisBoxDigest(YOUR_PRIVATE_KEY, httpMethod, ENDPOINT_PATH, dateHeader, contentType);
const authorizationHeader = ApiAuth </span><span class="p">${</span><span class="nx">TRACKER_ID</span><span class="p">}</span><span class="s2">:</span><span class="p">${</span><span class="nx">signature</span><span class="p">}</span><span class="s2">;

axios({
  method: httpMethod,
  url: </span><span class="p">${</span><span class="nx">LUIGISBOX_HOST</span><span class="p">}${</span><span class="nx">ENDPOINT_PATH</span><span class="p">}</span><span class="s2">,
  headers: {
    'Content-Type': contentType,
    'Date': dateHeader,
    'Authorization': authorizationHeader
  }
})
.then(response => {
  console.log(response.status);
})
.catch(error => {
  console.error(error);
});

Response Structure

This endpoint returns a 204 No Content status upon successful deletion.

The Response Object

json

HTTP/1.1 204 No Content

Error Handling

HTTP Status	Description
204 No Content	Customization deleted successfully.
401 Unauthorized	Missing or invalid authentication.
404 Not Found	Customization not found.

Error Responses

json

{
  "reason": "Customization not found",
  "exception_details": {}
}

Navigation