Overview
The LoginRadius Consent Management APIs allow you to collect, manage, and track customer consent information in compliance with privacy regulations such as GDPR and CCPA. These APIs enable businesses to request, update, and retrieve consent information tied to customer profiles for marketing communications, third-party data sharing, and privacy policy agreements.
Consent Management ensures that you capture explicit customer permissions at various interaction points, helping you maintain transparency and regulatory compliance while delivering a seamless user experience.
Most endpoints require your LoginRadius API Key and the user's Access Token.
Retrieve LoginRadius API Key
- Log in to the Admin Console.
- Navigate to Tenant Settings and locate the API Configuration section. You will find the API Key required for most Authentication API endpoints there.
📌 Note: Please refer to this document for detailed information on Consent Management.
Common Consent Management API Endpoints
Here are the most commonly used Consent Management APIs:
- Submit Consent Endpoints
- Consent Log Endpoints
- Update / Verify Consent Endpoints
These endpoints allow you to capture customer consent at registration, login, or custom events. You can submit consent using an access token or a consent token received during registration flows.
| Action | Endpoint Description |
|---|---|
| Consent By Access Token | This API is used to submit a consent form for a particular event type using an access token. |
| Consent By Consent Token | This API is used to submit a consent form using a consent token. |
📌 Note: consent token - The consent token received with login error 1226
These endpoints provide a complete history of customer consents. To ensure traceability and auditing, you can retrieve consent logs using either the customer’s access token or their UID.
| Action | Endpoint Description |
|---|---|
| Consent Log by Access Token | This API is used to fetch consent logs. |
These endpoints allow you to update existing consent records or verify if the customer has submitted the required consents. They help maintain the accuracy and compliance of your consent data throughout the customer lifecycle.
| Action | Endpoint Description |
|---|---|
| Update Consent By Access Token | This API is used to update consents using the access token. |
| Verify Consent by Access Token | This API checks if consent is submitted for a particular event. |
Best Practices
- Always capture consents explicitly; avoid pre-checking consent options by default.
- Store consent timestamps and consent versions for auditing and compliance reporting.
- Enable easy withdrawal of consent to meet GDPR "Right to Withdraw" requirements.
- Use clear, non-technical language in your consent prompts to maximize customer understanding.
- Regularly review and update consent forms in line with legal and business changes.