Prepare and return a consent form.

This API can be used to retrieve the HTML contents of the consent form from the backend of your application. The backend has to pass the HTML content to the front end to display the form. Here is a more detailed explanation of how this works.

POST /v1/consentforms/web/{templateName}/subjects/{subjectType}/{subjectId}/{type}?locale=en&subjectOption=option&ok=ok_uri&err=err_uri&by.id=id&by.type=user
Content-Type: application/json
Accept: application/json | text/html

The templateName, along with the optional locale query parameter, will be used to select the consent form with the given specific locale. If a consent form template for this locale is not available, the form template for the default locale will be used.

The subjectId specifies the data subject for which the form is being instantiated. If there is a data subject with this id is in the database, it will be loaded, and combined with the data subject information submitted in the request body. This means if you uploaded your subject information before, then by providing the subjectId in the request document you can load the subject information from the database. The subjectOption query parameter determines how to process the subject information in the document. Possible values are:

merge or unspecified
Merge the given subject information with the subject information in the database, and use it to build the consent form template.
rewrite
Overwrite the subject information as given in the request body.
id
Only store the subject id in the database. The form template can still use any subject information submitted in the request body.

The type path parameter is either new that means no existing consent information is loaded to initialize the form, or current that means existing consent information is loaded and used to initialize the form. This only works for consent granules with at most one active consent record (that is, granule cancels existing active consents when user saves a new consent record).

If no Accept header values are given or if Accept: text/html, this API returns the form as an HTML document. If Accept: application/json, then the API returns the JSON-encoded form as follows:

{ 
 "text": "htmlForm..."
}

The ok and err query parameters will be appended to the form action URL. If the ok=ok_uri query parameter is given, an HTTP redirect response to this URI will be returned upon successful submission of the form. If the err=err_uri query parameter is given, errors during submission will be redirected to this URI. If the error URI is not given, errors will be redirected to the ok_uri, with an additional query parameter err=msg containing the error message.

The request body must be an instance of the JSON schema specified when the consent form template is defined.

{
  "subject": {
    Subject fields
  },
  "data": {
    Data fields to be stored with consent  
  },
  "uiData" {
    Fields available for form display, but will not be stored
  }
}

by is an optional field that specifies the user identifier for the user saving the consent on behalf of the data subject. If omitted or empty, it is assumed that the data subject is recording the consent himself/herself.

Response

If successful, the return value will depend on Accept header in the request. If Accept: application/json, then the return value is the following document:

 { 
 "text": "templateData..."
}

Otherwise, the return document is an HTML document or fragment as defined by form template.