Skip to main content

Creating a Consent Type

This guide will walk you through the process of creating a new consent type in the Consent Catalog via the POST /open-api/v1/consent-catalog/ endpoint.

Overview

The Consent Catalog is where you define and manage the various consent types your platform will collect and store. By registering these types, your system can handle different consent scenarios, such as privacy policy acceptance, email preferences, or any other customizable consent type.

Endpoint

POST /open-api/v1/consent-catalog/

Purpose

This endpoint allows you to register a new consent type in your catalog. Once registered, the consent type becomes available for gathering, updating, and managing user consents.

Request Structure

URL

POST https://api.platform.illow.io/open-api/v1/consent-catalog/

Headers

HeaderTypeRequiredDescription
X-API-KeyStringYesAPI Key for your account

Payload

The request body should be in JSON format and contain the following fields:

{
"type": "privacyPolicy" | "termsAndConditions" | "customPolicy",
"title": "string",
"description": "string",
"typeEntry": {
"url": "string",
"description": "string"
}
}

Parameters

  • type (required): The type of the consent entry. This field is an enum.
  • title (required): The title for the consent catalog.
  • description (optional): A description of the consent entry.
  • typeEntry (required): An object containing the first version of this consent type.
    • url (required): The URL of the policy.
    • description (optional): A description of the version entry.

Example Request

{
"type": "privacyPolicy",
"title": "My website's privacy policy",
"description": "Consents related to the acceptance of the privacy policy of my website.",
"typeEntry": {
"url": "https://example.com/policy/1",
"description": "The first version of the privacy policy of my new website."
}
}
curl -X POST https://api.platform.illow.io/open-api/v1/consent-catalog/ \
-H "X-API-Key: YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"type": "privacyPolicy",
"title": "The privacy policy for my website",
"description": "Consents related to the acceptance of the privacy policy of my website.",
"typeEntry": {
"url": "https://example.com/policy/1",
"description": "The first version of the privacy policy of my new website."
}
}'

Response Structure

A successful response will return the newly created consent type with its unique ID and details:

{
"companyId": "string",
"id": "string",
"title": "string",
"description": "string",
"type": "privacyPolicy" | "termsAndConditions" | "customPolicy",
"latestVersion": "string"
}

Example Response

{
"companyId": "b830b5fa-9180-4cb6-9f40-4cbe4729d0ac",
"id": "44499771-03fb-4f0c-8620-88f538385446",
"title": "My website's privacy policy",
"description": "Consents related to the acceptance of the privacy policy of my website.",
"type": "privacyPolicy",
"latestVersion": "1"
}

Response Codes

  • 200 OK: Consent type was successfully created.
  • 400 Bad Request: Invalid or missing parameters.
  • 401 Unauthorized: Authentication token is missing or invalid.
  • 500 Internal Server Error: An unexpected error occurred.

Best Practices

  • Use clear and descriptive values for the type and title fields to ensure the consent types are easily identifiable.
  • Ensure URLs provided in the typeEntry object are valid and point to the correct policies or resources.
  • Versioning is recommended for any changes to policies or terms to maintain consistency and compliance across user consents.

Additional Resources