Grant a User Consent

This API is used to grant Consent to a User.

Request#

API Key Authentication
Grant consent to a User with a randomly generated Id
POST/api/user/consent
OpenAPI Spec

Request Headers#

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.

API Key Authentication
Grant consent to a User with the provided unique Id
POST/api/user/consent/{userConsentId}
OpenAPI Spec

Request Parameters#

userConsentIdUUIDoptionalDefaults to secure random UUID

The Id to use for the new User Consent. If not specified a secure random UUID will be generated.

Request Headers#

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.

Request Body#

userConsent.consentIdUUIDrequired

The Id of the Consent being granted to the User.

userConsent.giverUserIdUUIDrequired

The Id of the User giving consent. When providing self-consent the giverUserId will be the same as the userId.

userConsent.statusStringoptionalDefaults to ActiveAvailable since 1.43.0

The status of the User consent. Possible values are:

  • Active
  • Revoked
userConsent.userIdUUIDrequired

The Id of the User receiving consent. When providing self-consent the giverUserId will be the same as the userId.

userConsent.statusStringrequired

The status of the User consent. Possible values are: // The spaces before the '-' on list items are required to properly align the text after the list

  • Active
  • Revoked

Setting the status to Revoked when the current status is Active will revoke the User Consent. Setting the status to Active when the current status is Revoked will Un-revoke the User Consent and make active again.

userConsent.valuesArray<String>optional

The consent values to be associated with this User consent.

Example Request JSON

{
  "userConsent": {
    "consentId": "d512b9b8-876f-4b5e-81f0-3e180b6ea485",
    "giverUserId": "605e88b7-a2fb-40b8-9c94-0123c0f6a70c",
    "userId": "841d8b33-bf4d-488d-9f2f-2f50d769c3d2",
    "values": [
      "Written"
    ]
  }
}

Response#

The response for this API contains the User Consent that was created.

Response Codes
CodeDescription
200The request was successful. The response will contain a JSON body.
400The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.
503The search index is not available or encountered an exception so the request cannot be completed. The response will contain a JSON body.

Response Body#

userConsent.consentObject

The Consent object represented by the consentId field.

userConsent.consentIdUUID

The Id of the Consent being granted to the User.

userConsent.giverUserIdUUID

The Id of the User giving consent. When providing self-consent the giverUserId will be the same as the userId.

userConsent.idUUID

The unique Id of the User consent.

userConsent.insertInstantLong

The instant when the User consent was granted.

userConsent.lastUpdateInstantLong

The instant when the User consent was last updated.

userConsent.statusString

The current status of the User consent. Possible values are:

  • Active
  • Revoked
userConsent.userIdUUID

The Id of the User receiving consent. When providing self-consent the giverUserId will be the same as the userId.

userConsent.valuesArray<String>

The consent values to be associated with this User consent.

Example Response JSON

{
  "userConsent": {
    "consent": {
      "consentEmailTemplateId": "61cba163-2d53-4d2d-ad7f-801c27f0c277",
      "countryMinimumAgeForSelfConsent": {
        "de": 21
      },
      "defaultMinimumAgeForSelfConsent": 18,
      "emailPlus": {
        "enabled": true,
        "emailTemplateId": "9cd65fca-5aa0-4861-899b-8712d8ec963f",
        "maximumTimeToSendEmailInHours": 48,
        "minimumTimeToSendEmailInHours": 24
      },
      "id": "d512b9b8-876f-4b5e-81f0-3e180b6ea485",
      "multipleValuesAllowed": false,
      "name": "Patient Consent",
      "values": [
        "Written",
        "Verbal"
      ]
    },
    "consentId": "d512b9b8-876f-4b5e-81f0-3e180b6ea485",
    "giverUserId": "605e88b7-a2fb-40b8-9c94-0123c0f6a70c",
    "id": "674b5cd8-482a-43c9-986e-f9764bbee01d",
    "insertInstant": 1562180786558,
    "lastUpdateInstant": 1562180786558,
    "status": "Active",
    "userId": "841d8b33-bf4d-488d-9f2f-2f50d769c3d2",
    "values": [
      "Written"
    ]
  }
}