Consent Management
Overview
The LoginRadius Consent Management feature allows you to collect consent information from your new or existing customers. This feature is provided to help you fulfill the requirements of some regulations, such as the GDPR, which requires that you only use your customers' data if you have obtained prior consent. Consent Management can be used for various purposes, such as obtaining consent from a customer to send them marketing content or permission to contact them regarding product updates.
- Terms and Conditions Agreement – Obtain explicit consent from users to agree to your platform’s terms and conditions before they can create an account or use your services.
- Data Sharing with Third Parties – Secure user consent before sharing personal information with third-party vendors, affiliates, or partners for service enhancements or personalized experiences.
- Cookie Preferences and Tracking: To comply with privacy regulations like GDPR and CCPA, users should be able to consent to the use of cookies and tracking technologies. This will ensure transparency in data collection for analytics, personalization, and advertising.
Configurations
To enable the consent Management follows the steps mentioned below
Configuration Steps:
- Navigate to Consent Management in the Admin Console**.**
- Define and set up consent types by selecting "Add New Form."
- Set consent as either mandatory or optional.
- Enable consent revocation options.
- Save the settings.
Consent Management Workflow
Consent Management allows you to capture your customer’s consent during predefined events created in your consent form. You can also create custom events in the consent form and collect consent details from your customers.
The consent form with the newest applicable date before the current date will be deemed the current consent form.
Previously given consents can be withdrawn by the customer.
LoginRadius provides the following status of forms:
- Published Form: Refers to a form that is Live and currently running on your web application with the latest date.
- Disabled Form: This refers to a form that has been disabled after being replaced by a newly published form for the same event.
Consent Management with Registration Flow
When the Consent Management feature is enabled, leverage the Auth User Registration By EmailAPI for registration. For example, pass the following JSON in the body parameter:
{
"Email": [
{
"Type": "Primary",
"Value": "[email protected]"
}
],
"Password": "dummy_password",
"Consents": {
"Events": [
{
"Event": "Register",
"IsCustom": false
}
],
"Data": [
{
"ConsentOptionId": "email_consent",
"IsAccepted": true
},
{
"ConsentOptionId": "sms_consent",
"IsAccepted": true
}
]
}
}
Note:
- Consent parameters may vary based on your configurations made over the Admin Console.
- You will receive the ErrorCode 1226 and the ConsentToken in response to this API call. You can use the received consent token to leverage other Consent APIs
Pre-defined Conditions for Consent Management
LoginRadius provides the following three predefined events on which consent can be applied:
- Register Event: At the time of registration, your customer will be prompted to provide consent. The Customer will not be able to register without consent if the consent is mandatory; otherwise, you can skip the permission at the time of registration.
- First Login Event: After registration, the Customer will be prompted to provide consent at the time of the first login. If consent is mandatory, the customer cannot log in without it; otherwise, the permission can be skipped at the time of the first login.
- Login Event: Your customer will be prompted to consent to every login. If consent is mandatory, the customer cannot log in without it; otherwise, you can skip the permission at the time of login.
Note: You can create custom events according to your requirements, as explained in the Admin Console Configuration section below.
You can select as many of the default events provided by LoginRadius (Registration, Login, and First Login) as needed to capture consent; however, you will not be able to select Login if you have not chosen First Login before, as Login is a subset of First Login.
If a form is activated on the set date for one defined event, the form previously running for the same event will automatically be disabled.
The Disabled Form cannot be activated or edited again. It can only be viewed and cloned (If required).