The following example illustrates both consent capture and consent enforcement using the Consent API.
This example follows a user's journey on a website during which the company must gather consent to track the user's browsing behavior.
- A user launches the company's application and authenticates.
- The application wants to record the page visit but first checks if the user has granted consent to do so.
- The application makes a call to the Consent API to determine if the browsing-behavior consent record exists for this user and whether consent been granted.
- The API returns a result indicating that no consent record exists.
- The application prompts the user for his or her consent.
- The application calls the Consent API to retrieve the localization for the browsing-behavior consent, which includes the language that the application uses to produce a prompt for the user.
- After the user makes a decision, the application stores the user's decision by creating a new consent record through a call to the Consent API.
- Later, the user visits another page in the company's site, and the application wants to record the page visit, so it checks whether the user has granted consent to do so.
- The application makes a call to the Consent API to get the browsing-behavior consent record for this user.
- If the user's consent record agrees to have the company track his or her browsing behavior, the application can then make the appropriate calls to track browsing behavior.