- Consent Capture During Onboarding: During a user’s digital or physical registration process, a developer can take advantage of the user’s presence to pre-capture the consent required for the set of APIs the service will use later.
- In-App Notification for Consent: Developers can push a notification within their application, allowing customers to directly access the consent capture process in an easy-to-access place.
- Consent Capture Campaigns: Applications can create campaigns via email or other channels to capture consent from substantial portions of their user base.
Consent Info
Key Functionalities and Data Provided: This API allows developers to check if they are permitted to process data for a given user, scope and purpose. Using this API, developers can leverage their knowledge of their customers to trigger the consent capture process via the channel that best fits their application’s use case. Key functionalities include:
- Checking permission status: The API returns statusValidForProcessing, a boolean flag that indicates whether the requested data processing is currently permitted (true) or not (false).
- Understanding invalid status: If data processing is not permitted, the response includes a statusReason field to explain why.
- Requesting a consent URL: Developers can request a captureUrl from their backend server. If the status is not valid because user action is required, and the developer sets requestCaptureUrl to true, the API will return a captureUrl field that can be presented to the user. This URL directs them to the API Provider’s secure Consent capture channel, where they can provide or renew their consent.
These data points are derived from the API provider’s secure and trusted consent management system, ensuring accuracy while safeguarding user privacy and security.
- Enhanced User Trust and Security: This API reinforces trust by ensuring that privacy management and ownership remain with the API provider. The actual consent capture occurs within the API provider’s secure environment, authenticating the user with their provider credentials.
- Improved Conversion and User Experience: By leveraging knowledge of their customer, developers can trigger the consent process at the most effective time and channel. This boosts the chances of a positive response and avoids friction by first checking if consent is already in place before prompting the user.
- Flexible and Decoupled Integration: The API allows a developer to retrieve the consent URL from a backend server and present it on any device or application interface. This is ideal for pure backend services (e.g., background anti-fraud checks) where a user is not actively using a device, or for services on devices with limited interaction capabilities.
API Portfolio: Service Management
SubProject Wiki: N/a, Independent Sandbox, See API Wiki
(incl. how to meet the team)
API Wiki: Consent Info
API Repository: Consent Info
API Repository Status: Sandbox
API Status: Initial
API Version(s) and Release Date(s):
- v0.1.0 (18.09.2025), Fall25 meta-release
API availability: Information which APIs are available in which country and network, and how to get access can be found on the GSMA public launch status page.