Skip to main content

Consent Management

The LoginRadius Consent Management feature allows you to collect consent information from your new or existing customers. This feature is provided to help you fulfill the requirements of some regulations, such as the GDPR, which requires that you only use your customers' data if you have obtained prior consent. Consent Management can be used for various purposes, such as obtaining consent from a customer to send them marketing content or permission to contact them regarding product updates.

Key Features and Use Cases

  • Terms and Conditions Agreement – Obtain explicit consent from users to agree to your platform’s terms and conditions before they can create an account or use your services.
  • Data Sharing with Third Parties – Secure user consent before sharing personal information with third-party vendors, affiliates, or partners for service enhancements or personalized experiences.
  • Cookie Preferences and Tracking: To comply with privacy regulations like GDPR and CCPA, users should be able to consent to the use of cookies and tracking technologies. This will ensure transparency in data collection for analytics, personalization, and advertising.

Admin Console Configuration

To configure Consent Management:

  1. Navigate to Consent Management in the Admin Console.
  2. Define and set up consent types by selecting "Add New Form".
  3. Set consent as either mandatory or optional.
  4. Enable consent revocation options.
  5. Save the settings.

You can also:

  • Add custom consent options (ID, title, description).
  • Define custom events beyond the default (Register, Login, First Login).

Consent Management allows you to capture your customer’s consent during predefined events created in your consent form. You can also create custom events in the consent form and collect consent details from your customers.

The consent form with the newest applicable date before the current date will be deemed the current consent form.

Previously given consents can be withdrawn by the customer.

LoginRadius provides the following status of forms:

  • Published Form: Refers to a form that is Live and currently running on your web application with the latest date.
  • Disabled Form: This refers to a form that has been disabled after being replaced by a newly published form for the same event.

When the Consent Management feature is enabled, leverage the Auth User Registration By Email API for registration. For example, pass the following JSON in the body parameter:

    {
"Email": [
{
"Type": "Primary",
"Value": "example@example.com"
}
],
"Password": "dummy_password",
"Consents": {
"Events": [
{
"Event": "Register",
"IsCustom": false
}
],
"Data": [
{
"ConsentOptionId": "email_consent",
"IsAccepted": true
},
{
"ConsentOptionId": "sms_consent",
"IsAccepted": true
}
]
}
}

📌 Note:

  • Consent parameters may vary based on your configurations made over the Admin Console.
  • You will receive the ErrorCode 1226 and the ConsentToken in response to this API call. You can use the received consent token to leverage other Consent APIs

LoginRadius provides the following three predefined events on which consent can be applied:

  • Register Event: At the time of registration, your customer will be prompted to provide consent.
  • First Login Event: After registration, the Customer will be prompted to provide consent when logging in for the first time.
  • Login Event: Your customer will be prompted to consent to every login.

📌 Note: You can create custom events according to your requirements, as explained in the Admin Console Configuration section below. If consent is mandatory, the customer cannot log in without it; otherwise, you can skip the permission.

You can select as many of the default events provided by LoginRadius (Registration, Login, and First Login) as needed to capture consent; however, you will not be able to select Login if you have not chosen First Login before, as Login is a subset of First Login.

If a form is activated on the set date for one defined event, the form previously running for the same event will automatically be disabled.

The Disabled Form cannot be activated or edited again. It can only be viewed and cloned (If required).

Integration Guide

For hosted pages integration:

Embed consent forms using the loginradius_consent_custom_tmpl template:

<script type="text/html" id="loginradius_consent_custom_tmpl">
<div id="loginradius_consent_group_tmpl">
<div id="loginradius_consent_option_tmpl">
<h3><#=consentTitle #></h3>
<p><#=consentDescription #> <input name="<#=consentId #>" type="checkbox"></p>
</div>
</div>
<h2>Terms of Service</h2>
<p><#=TermOfService #></p>
<br/>
<h2>Privacy Policy</h2>
<p><#=PrivacyPolicy #></p>
</script>

Use predefined placeholder tags like:

  • consentId: Displays Consent Option ID, configured in the Admin Console (ConsentID is mandatory in the template).
  • consentTitle: Displays Consent option title configured in the Admin console.
  • consentDescription: Displays Consent option description configured in the Admin Console.
  • TermOfService: Displays TermOfService for the consent event form added in the Admin Console.
  • Privacy Policy: Displays the privacy policy for the consent event form added to the Admin Console.
    📌 Note: All of the above variables are optional. However, the consentID is mandatory in the template and should be associated with the input attribute name. This is a compulsory condition form to be worked on.

You cannot directly delete a published consent form. Instead:

  1. Clone the old form.
  2. Publish a new form with a later start date.
  3. The previous form automatically becomes disabled.

Disabled forms:

  • Cannot be reactivated.
  • Can only be viewed or cloned.

Best Practices

  • Always configure consent as per compliance regulations (e.g., GDPR, CCPA).
  • Log and store consent transactions securely.
  • Keep your consent templates clear, specific, and user-friendly.
  • Use custom events thoughtfully — excessive prompts could impact user experience.