Update an existing consent record.

PATCH /v1/consents/{id}?by.id={userId}&by.type=user
Content-Type: application/json

The by query parameter is required. It contains the user ID updating the consent. ConsentGrid™ will not allow updating the consent by a user other than the owner of the consent. If the consent owner has a parent/guardian, then the updater must be one of those parent/guardians.

Request body contains the consent information:

{
  "from": Not before date,
  "setFrom": true,
  "to": Expiration date,
  "setTo": true,
  "status": "active",
  "setStatus": true,
  "choices": { JSON object describing user choices },
  "setChoices": true,
  "value": true,
  "setValue": true
}

Only selected fields are updated. Field selection is done by the set? fields. For instance, if setFrom=true, then the consent not-before-date is set to the from value. If a field is omitted, that field in unchanged in the consent.

Only the following consent fields can be modified:

  • activeRange, the not-before-date and the expiration data for the consent
  • status, valid values are active, pending and canceled
  • choices, a JSON document that must satisfy the JSON schema defined with the granule fields
  • value, true meaning subject agrees, false means subject does not agree.

To update other fields, the consent must be canceled and a new consent must be recorded for the subject. In particular, it is not possible to update policy and granule information.

Response

200 Ok

The existing consent information is stored in the consent history, and the new information becomes effective.

400 Bad Request

Malformed request, invalid value, etc. The return value is a JSON error object containing diagnostic information.

403 Forbidden

The authenticated key does not have the privileges for this operation. The return value is a JSON error object containing diagnostic information.

404 Not Found

Consent record not found.