Check user consent based on context.

POST /v1/checkconsent?detail=false
Content-Type: application/json

Request body is a JSON object:

{
  "subject": { "type": "user", "id": "..."},
  "granules": [ "granule1", "granule2",... ],
  "scopes": ["scope1", "scope2", ...],
  "context": {
    // context is JSON object containing fields used during consent granule definitions
    "purpose": "marketing",
    "by": {"type":"user", "id": "..."},
    "requester": {
     "type": "user",
      "id":  "..." 
    }
  }
}

The following input values are required:

subjectId
The identifier of the user the consent belongs to. (Required)
granules/scopes
One or more granules or scopes for which to check consent. (Required)
context
A JSON object describing the current context. ConsentGrid validates whether or not a granule or scope is allowed by the user based on the current context.
detail
Optional query parameter to return template and consent information along with the consent value.

This API will check the active user consent for the consent granules and scopes based on the context described in the input document. The output contains the results and optionally form and consent details :

If detail=false or not specified:

{ 
  "granules": [ {
    "granule": "granule1",
    "value": true,
    "scopes": [[ "scope1","scope2"],...]
  },
  {
    "granule": "granule2",
    "value": false,
    "scopes" [["scope1"], ["scope2",... ]]
  },
  ...
  ]
}

If detail=true, the output will contain consent detail information:

{
  "granules": [ {
    "granule": "granule1",
    "value": true,
    "scopes": [["scope1","scope2"],...],
    "consentDetail": [
      {
        "uri":"https://consentgrid.io/consent/v1/c?handle=1a78b468727647ffeefe",
        "data" {
          "uri":"https://consentgrid.io/template/v1/d?id=3a0b468728763ce56fe",
          "name": "resourceName",
          "lastVersion": 2,
          "consentVersion": 1
        }
      },...
    ]
  },
  {    
    "granule": "granule2",
    "value": false,
    "scopes": [["scope1","scope2"],...],
  },
  ...
  ]    
}

Every element of consentDetail contains a consent record for this granule, and the template and template data recorded when the consent was recorded. The lastVersion is the current latest version of the template used to accept/reject the consent. The consentVersion is the version of the template used to display the end-user terms and conditions, disclosures, etc. These two can be used to check if the template has been modified since the consent has been recorded.

Example

The following calls retrieve the consent for granule "email", with purpose "marketing":

POST /v1/checkconsent
Content-Type: application/json

{
  "subject": {"id": "123abc"},
  "granules": ["email"],  
  "context": {
    "purpose": "marketing"
  }
}