Consent Management
The LoginRadius Consent Management feature allows you to collect consent information from your new or existing customers. This feature is provided to help you fulfill the requirements of some regulations, such as the GDPR, which requires that you only use your customers' data if you have obtained prior consent. Consent Management can be used for various purposes, such as obtaining consent from a customer to send them marketing content or permission to contact them regarding product updates.
Key Features and Use Cases
- Terms and Conditions Agreement – Obtain explicit consent from users to agree to your platform’s terms and conditions before they can create an account or use your services.
- Data Sharing with Third Parties – Secure user consent before sharing personal information with third-party vendors, affiliates, or partners for service enhancements or personalized experiences.
- Cookie Preferences and Tracking: To comply with privacy regulations like GDPR and CCPA, users should be able to consent to the use of cookies and tracking technologies. This will ensure transparency in data collection for analytics, personalization, and advertising.
Admin Console Configuration
- Configure Consent Management
- Create Custom Consent Options
- Create Custom Events
To configure Consent Management:
- Navigate to Consent Management in the Admin Console.
- Define and set up consent types by selecting "Add New Form".
- Set consent as either mandatory or optional.
- Enable consent revocation options.
- Save the settings.
You can also:
- Add custom consent options (ID, title, description).
- Define custom events beyond the default (Register, Login, First Login).
You can add your consent options beyond defaults (like email consent, SMS marketing):
- Click Add New Form.
- Under Consent Options, click Add Consent Option.
- Specify:
- ID: Internal identifier
- Title: Display name
- Description: Detailed explanation for users
- Save and assign these options to your forms.
You can define new events where consent needs to be gathered:
- Click Add New Form.
- Under Events, click Add New.
- Provide a custom Event Name.
- Save and associate it with a consent form.
Example custom events:
- Profile Update
- Subscription Renewal
- Product Feedback
Consent Management Workflow
Consent Management allows you to capture your customer’s consent during predefined events created in your consent form. You can also create custom events in the consent form and collect consent details from your customers.
The consent form with the newest applicable date before the current date will be deemed the current consent form.
Previously given consents can be withdrawn by the customer.
LoginRadius provides the following status of forms:
- Published Form: Refers to a form that is Live and currently running on your web application with the latest date.
- Disabled Form: This refers to a form that has been disabled after being replaced by a newly published form for the same event.
Consent Management with Registration Flow
When the Consent Management feature is enabled, leverage the Auth User Registration By Email API for registration. For example, pass the following JSON in the body parameter:
{
"Email": [
{
"Type": "Primary",
"Value": "example@example.com"
}
],
"Password": "dummy_password",
"Consents": {
"Events": [
{
"Event": "Register",
"IsCustom": false
}
],
"Data": [
{
"ConsentOptionId": "email_consent",
"IsAccepted": true
},
{
"ConsentOptionId": "sms_consent",
"IsAccepted": true
}
]
}
}
📌 Note:
- Consent parameters may vary based on your configurations made over the Admin Console.
- You will receive the ErrorCode 1226 and the ConsentToken in response to this API call. You can use the received consent token to leverage other Consent APIs
Pre-defined Conditions for Consent Management
LoginRadius provides the following three predefined events on which consent can be applied:
- Register Event: At the time of registration, your customer will be prompted to provide consent.
- First Login Event: After registration, the Customer will be prompted to provide consent when logging in for the first time.
- Login Event: Your customer will be prompted to consent to every login.
📌 Note: You can create custom events according to your requirements, as explained in the Admin Console Configuration section below. If consent is mandatory, the customer cannot log in without it; otherwise, you can skip the permission.
You can select as many of the default events provided by LoginRadius (Registration, Login, and First Login) as needed to capture consent; however, you will not be able to select Login if you have not chosen First Login before, as Login is a subset of First Login.
If a form is activated on the set date for one defined event, the form previously running for the same event will automatically be disabled.
The Disabled Form cannot be activated or edited again. It can only be viewed and cloned (If required).
Integration Guide
- Hosted Page Integration
- JavaScript (V2JS) Integration
For hosted pages integration:
Embed consent forms using the loginradius_consent_custom_tmpl
template:
<script type="text/html" id="loginradius_consent_custom_tmpl">
<div id="loginradius_consent_group_tmpl">
<div id="loginradius_consent_option_tmpl">
<h3><#=consentTitle #></h3>
<p><#=consentDescription #> <input name="<#=consentId #>" type="checkbox"></p>
</div>
</div>
<h2>Terms of Service</h2>
<p><#=TermOfService #></p>
<br/>
<h2>Privacy Policy</h2>
<p><#=PrivacyPolicy #></p>
</script>
Use predefined placeholder tags like:
- consentId: Displays Consent Option ID, configured in the Admin Console (ConsentID is mandatory in the template).
- consentTitle: Displays Consent option title configured in the Admin console.
- consentDescription: Displays Consent option description configured in the Admin Console.
- TermOfService: Displays TermOfService for the consent event form added in the Admin Console.
- Privacy Policy: Displays the privacy policy for the consent event form added to the Admin Console.
📌 Note: All of the above variables are optional. However, the consentID is mandatory in the template and should be associated with the input attribute name. This is a compulsory condition form to be worked on.
- Consent Management via V2 JS
- Consent Management on Custom Event
You can deploy consent management fully through JavaScript:
Step 1: Initialize LoginRadiusV2 JS
Add the below code in the <head> tag:
<script src=https://auth.lrcontent.com/v2/LoginRadiusV2.js type='text/javascript'></script>
<script>
var commonOptions = {};
commonOptions.apiKey = "<your loginradius API key>";
commonOptions.appName = "<LoginRadius site name>";
var LRObject = new LoginRadiusV2(commonOptions);
</script>
Step 2: Load the Consent Management interface
Include the following code to load the Consent Management interface in your web application file in the <head> tag:
<script type="text/html" id="loginradius_consent_custom_tmpl">
<div id="loginradius_consent_group_tmpl">
<div id="loginradius_consent_option_tmpl">
<h3><#=consentTitle #></h3>
<p><#=consentDescription #> <input name="<#=consentId #>" type="checkbox"></p>
</div>
</div>
</div>
<h2>Terms of Service</h2>
<p><#=TermOfService #></p>
<br/>
<h2>Privacy Policy</h2>
<p><#=PrivacyPolicy #></p>
</script>
Step 3: Add a Container in HTML
Add the below container inside the <body> tag:
<div id="loginradius_consent_container"></div>
Add the following code to your web application to configure and set up consent for a custom event:
Step 1: Load the Consent Management interface
Add the below code inside the <head> tag.
<script>
consentCustomEvent_options = {
onSuccess: function(response) {
console.log(response);
},
onError: function(errors) {
console.log(errors);
},
container: 'customeventconsent-container',
event: 'xyz'
};
const customevt_opt = this.consentCustomEvent_options;
LRObject.util.ready(function() {
LRObject.init('customeventconsent', customevt_opt);
});
</script>
Replace event: 'xyz'
with the name of your custom event.
Step 2: Add a Container in HTML
Add the below container inside the <body> tag:
<div id="customeventconsent-container"></div>
Disable Consent Forms
You cannot directly delete a published consent form. Instead:
- Clone the old form.
- Publish a new form with a later start date.
- The previous form automatically becomes disabled.
Disabled forms:
- Cannot be reactivated.
- Can only be viewed or cloned.
Best Practices
- Always configure consent as per compliance regulations (e.g., GDPR, CCPA).
- Log and store consent transactions securely.
- Keep your consent templates clear, specific, and user-friendly.
- Use custom events thoughtfully — excessive prompts could impact user experience.