Skip to main content

Consent Solution API

Endpoint

POST {{base_url}}/{{tenant}}/domains_groups/1/consents

Description

This endpoint allows you to record user consent for various policies and preferences.

Inputs

The body of the request should be a JSON object containing the following fields:

  • subject (object): Contains the information of the subject granting consent.
    • email (string): The subject's email address.
    • first_name (string): The name of the subject.
    • last_name (string): The subject's last name.
    • age (integer): The age of the subject.
    • address (string, optional): The address of the subject.
  • identifier (string): The subject identifier (for example, "email").
  • ip_address (string): The subject's IP address.
  • proofs (HTML string): The evidence of consent provided by the subject.
  • legal_notices (object array): List of legal policies with the following properties for each policy.
    • name (string): Name of the policy (for example, "privacy_policy").
  • preferences (object array): List of preferences with the following properties for each preference.
    • name (string): Name of the preference (for example, "newsletter").
    • accepted (boolean): Indicates whether the preference has been accepted or not.

An example of input for the API could be the following:

{
    "subject": {
        "email": "test@email.it",
        "first_name": "Mario",
        "last_name": "Rossi",
        "age": 33,
        "address": "Example Street 123"
    },
    "identifier": "email",
    "ip_address": "12.64.193.89",
    "proofs": "<html></html>",
    "legal_notices": [
        {
            "name": "privacy_policy"
        },
        {
            "name": "cookie_policy"
        }
    ],
    "preferences": [
        {
            "name": "newsletter",
            "accepted": true
        },
        {
            "name": "updates",
            "accepted": true
        }
    ]
}

Output on success

If the request is successful, a JSON object with the following fields will be returned:

{
    "data": {
        "id": 6,
        "subject_id": null,
        "domains_group_id": 1,
        "ip_address": "12.64.193.89",
        "proofs": "<html></html>",
        "legal_notices": [
            {
                "name": "privacy_policy"
            },
            {
                "name": "cookie_policy"
            }
        ],
        "created_at": "2023-11-08T09:39:52.000000Z",
        "updated_at": "2023-11-08T09:39:52.000000Z",
        "consent_data": [
            {
                "name": "newsletter",
                "accepted": true
            },
            {
                "name": "updates",
                "accepted": true
            }
        ],
        "subject_data": {
            "email": "test@email.it",
            "first_name": "Mario",
            "last_name": "Rossi",
            "age": 33,
            "address": "Example Street 123"
            "identifier": "email"
        }
    }
}

Output in case of invalid token

If the token provided in the request is invalid, a JSON object with the following field will be returned:

{
    "message": "Unauthenticated"
}

This response indicates that the user is not authenticated or that the token provided is invalid for accessing the endpoint. Make sure you properly handle this situation in your system and provide appropriate instructions for the user or client to resolve the authentication issue.

Wordpress plugin configuration

Through the plugin, which can be installed with a zip, it will be possible to decide which data to save in the consent archive on Avacy.

The interface looks like this:

Alt ​​text

In the Account section you can configure:

  • The tenant name is the part of the domain that uniquely identifies your space or organization on Avacy. (For example mycompany.avacy.eu, the tenant name will be mycompany)

  • Webspace ID is a unique number or identifier assigned to a specific space or resource within a system. You can go to the dashboard of your web space and, in the address bar, the URL will be like mycompany.avacy.eu/dashboard/89. In this case, 89 is the webspace ID.

  • the API Token is a randomly generated string of alphanumeric characters in the Consent Solution section. This token is used for authentication and authorization when a request is sent to the API and serves as a mode of authentication.

In the Forms section there will be a table with the contact forms found on your site. Each row of the table will have the following columns:

  • Form ID: alphanumeric string that uniquely identifies the form on the website
  • Type: the type of form (Avacy supports Elementor Forms, WooCommerce Forms, HTMLForms and those created via WP Posts)
  • Active: allows you to select whether you want to store the consent given to that form or not
  • Fields: the fields detected in each form, it is possible to select those you want to store in the consent archive
  • Identifier: the field you want to use to identify the user (it is recommended to use the email field)

Testing

To test the API, simply select one or more lines of the form, mark them as active, select the fields you want to store in the consent and the field to use as the user identifier (the email field is recommended) .

So just enter valid data in the contact forms and send them (making sure to unmark the consent to the processing of personal data check box, if present). The consent data will be visible in the Consent Archive section of the Avacy dashboard.