Operator (NaaS) platform implementing CAMARA APIs should be built with a privacy-by-default approach to fully comply with data protection regulations like the GDPR regulation in Europe, which emphasises on user’s privacy. These regulations note that some CAMARA APIs may require user consent to be accessed. This forces the operators to provide means and appropriate solutions to capture, store and manage this consent through its lifecycle. Otherwise, the scoped CAMARA APIs cannot be rolled out in production networks. Building such a solution also means bringing in scope the identity of the end user and/or the subscriber (as both could be different) and making sure that end user experience of using the API is not compromised while doing so. For that a new Sub Project “Identity and Consent Management” is initiated