Retrieve end-user consent profile (U.S. Privacy - CCPA)

May 15, 2023 13:13

Sourcepoint offers your organization an API to retrieve an end-user's current consent information for the U.S. Privacy - CCPA legislative framework. This API can be called by server-side code or through a third-party service like Postman.

An end-user's consent information can be retrieved using the ccpaUUID value or the authId value.

API endpoint
Example implementation
API response

API endpoint

The API endpoint to retrieve an end-user's consent information using ccpaUUID or authId are as follows:

Retrieve end-user consent profile with ccpaUUID

The API endpoint to retrieve an end-user's consent profile using ccpaUUID is:

GET https://cdn.privacy-mgmt.com/ccpa/ccpa/consent/{_SITE_ID_}/consent-status?ccpaUUID={_ccpaUUID_}

This API endpoint has two placeholders that need to be replaced with the correct values:

A property's site ID {_SITE_ID_}
The cookie ccpaUUID {_ccpaUUID_}

Note: The site ID value is the same as the Property ID and can be found on the Properties page inline with the property name.

The ccpaUUID value can be retrieved from the first-party cookie ccpaUUID.

Retrieve end-user consent profile with authId

The API endpoint to retrieve an end-user's consent profile using authId is:

GET https://cdn.privacy-mgmt.com/ccpa/ccpa/consent/{_SITE_ID_}/consent-status?authId={_AUTH_ID_}

This API endpoint has two placeholders that need to be replaced with the correct values:

A property's site ID {_SITE_ID_}
The authenticated id {_AUTH_ID_}

Note: The site ID value is the same as the Property ID and can be found on the Properties page inline with the property name.

The authenticated id value can be retrieved from the first-party cookie authId.

Example implementation

Your organization can call the API endpoint using a server-side script or a third-party service like Postman.

Your organization can use a third-party service like Postman to retrieve an end-user's consent profile

Use the GET method and provide the correct API endpoint address and values for site id, and consentUUID, or authId.

API response

The API will return the following response if the request to retrieve the end-user's consent profile is successful.

Key	Type	Value
`userConsent`	Object	See below for the properties in the `userConsent` object.
`newUser`	Boolean	Is the end-user a new user to the property?
`ccpaApplies`	Boolean	Does CCPA apply in this situation?
`signedLspa`	Boolean	Are any vendors a part of LSPA?
`dnsDisplayed`	Boolean	Whether Do Not Sell has been displayed to user.
`cookies`	Array	Cookies created/updated.
`expirationDate`	String	When the end-user's consent profile expires.
`actions`	Array	Consent and/or reject actions configured for vendors and/or purposes that triggered.

`userConsent` object

Key	Type	Value
`ccpaUUID`	String	Represents the user's unique id for which a consent profile is stored against
`consentedAll`	Boolean	Has the end-user's consent profile consented to all vendors and purposes on the vendor list?
`rejectedAll`	Boolean	Has the end-user's consent profile opted-out of all vendors and purposes on the vendor list?
`rejectedVendors`	Array	The specific vendors (by ID) to which an end-user has opted-out. Only returns a response when an end-user has partial consent (i.e. end-user has opted-out of some but not all vendors).
`rejectedCategories`	Array	The specific purposes (by ID) to which an end-user has opted-out. Only returns a response when an end-user has partial consent (i.e. end-user has opted-out of some but not all purposes).
`status`	String	The consent status for the end-user's consent profile.
`dateCreated`	String	The date the consent status was created/last updated.

{
    "userConsent": {
        "ccpaUUID": "12345678-abcd-1234-5678-abcdefghijklm",
        "consentedAll": false,
        "rejectedAll": false,
        "rejectedVendors": [
            "12345abcde6789fghijk1234",
            "ab12cd34ef56gh89ij10kl11"
        ],
        "rejectedCategories": [
            "abcd1234efgh5678ijkl1234",
            "98765abc4321def1234ghi56"
        ],
        "status": "rejectedSome",
        "dateCreated": "2023-04-17T13:46:45.834Z"
    },
    "newUser": false,
    "ccpaApplies": true,
    "signedLspa": false,
    "dnsDisplayed": false,
    "cookies": [
        {
            "key": "resolvedID",
            "value": true,
            "maxAge": 31536000,
            "shareRootDomain": true,
            "setPath": true
        },
        {
            "key": "ccpaUUID",
            "value": "12345678-abcd-1234-5678-abcdefghijklm",
            "maxAge": 31536000,
            "shareRootDomain": true,
            "setPath": true
        },
        {
            "key": "dnsDisplayed",
            "value": false,
            "setPath": true,
            "maxAge": 31536000
        },
        {
            "key": "ccpaApplies",
            "value": true,
            "setPath": true,
            "maxAge": 31536000
        },
        {
            "key": "signedLspa",
            "value": false,
            "setPath": true,
            "maxAge": 31536000
        }
    ],
    "expirationDate": "2024-04-16T13:46:45.834Z",
    "actions": []
}

Was this article helpful?

0 out of 0 found this helpful

Retrieve end-user consent profile (U.S. Privacy - CCPA)

API endpoint

Example implementation

API response

userConsent object

Articles in this section

`userConsent` object