How applications use the Consent API
The following example illustrates both consent capture and consent enforcement using the Consent API.
This example follows a user’s journey on a website during which the company must gather consent to track the user’s browsing behavior.
-
A user launches the company’s application and authenticates.
-
The application wants to record the page visit but first checks if the user has granted consent to do so.
-
The application makes a call to the Consent API to determine if the
browsing-behavior
consent record exists for this user and whether consent been granted. -
The API returns a result indicating that no consent record exists.
-
The application prompts the user for his or her consent.
-
The application calls the Consent API to retrieve the localization for the
browsing-behavior
consent, which includes the language that the application uses to produce a prompt for the user. -
After the user makes a decision, the application stores the user’s decision by creating a new consent record through a call to the Consent API.
-
Later, the user visits another page in the company’s site, and the application wants to record the page visit, so it checks whether the user has granted consent to do so.
-
The application makes a call to the Consent API to get the
browsing-behavior
consent record for this user. -
If the user’s consent record agrees to have the company track his or her browsing behavior, the application can then make the appropriate calls to track browsing behavior.