PingDirectory

How applications use the Consent API

The following example illustrates both consent capture and consent enforcement using the Consent API.

This example follows a user’s journey on a website during which the company must gather consent to track the user’s browsing behavior.

  1. A user launches the company’s application and authenticates.

  2. The application wants to record the page visit but first checks if the user has granted consent to do so.

  3. The application makes a call to the Consent API to determine if the browsing-behavior consent record exists for this user and whether consent been granted.

  4. The API returns a result indicating that no consent record exists.

  5. The application prompts the user for his or her consent.

  6. The application calls the Consent API to retrieve the localization for the browsing-behavior consent, which includes the language that the application uses to produce a prompt for the user.

  7. After the user makes a decision, the application stores the user’s decision by creating a new consent record through a call to the Consent API.

  8. Later, the user visits another page in the company’s site, and the application wants to record the page visit, so it checks whether the user has granted consent to do so.

  9. The application makes a call to the Consent API to get the browsing-behavior consent record for this user.

  10. If the user’s consent record agrees to have the company track his or her browsing behavior, the application can then make the appropriate calls to track browsing behavior.