Permission:
Vendor list-GDPR | Vendor list-U.S. Privacy | Vendor list-U.S. Multi-State
Authenticated consent allows your organization to share an end-user's consent preferences across their different authenticated (i.e. logged-in) devices and deliver an improved end-user experience on your platform (since the end-user does not have to re-consent for each device). In this article, we provide an overview of how Sourcepoint retains an end-user's consent preferences and pushes this preference to the end-user's other authenticated devices, and how to enable authenticated consent for your organization.
Consent identifier
Authenticated consent utilizes a consent identifier to link an end-user's consent preferences to an authenticated (i.e. logged-in) user profile. Using the consent identifier, Sourcepoint will persist the consent preferences for the end-user in other properties in your configuration.
The consent identifier is passed into your Sourcepoint account via an authId
implemented on a page or mobile app. Typically, this consent identifier is a username, userID, or any other unique key that your organization uses to identify a specific user.
Note: Your organization can use the optional authCookie
parameter in your implementation to set a unique name for your authId
. See Sourcepoint's implementation documentation on optional client configuration parameters for more information.
Additionally, if your organization uses email address as a unique key for an end-user, you will want to use a hashed email to protect the end-user's personal information.
In the diagram below, we illustrate the data flow between an authenticated end-user interacting with your properties across three devices.
When your consent management portal (CMP) is called on one your properties, Sourcepoint will check whether the authId
(consent identifier) has an associated consent preference.
Consent preferences | Action |
authId has consent preferences |
Your CMP will not ask for the end-user's consent preferences. |
authId does not have consent preferences |
Sourcepoint will load your pre-determined scenario and save any consent preferences to the authId in our database for the next time the authId is called |
Requirements
The following requirements must be met In order to successfully utilize authenticated consent between properties:
- Properties using authenticated consent must use the same vendor list
- The consent scope for the vendor list should be set to Shared site (see below)
Note: For GDPR TCF, GDPR Standard, and/or U.S. Multi-State Privacy vendor lists, consent scope
can be set directly from the vendor list builder.
For U.S. Privacy (Legacy) vendor lists, you will need to contact your Sourcepoint representative to have this setting enabled in the back-end.
Implement authenticated consent
In this section, we will cover how to implement authenticated consent on web properties.
Note: Please follow the links before for more information on how to implement authenticated consent for iOS and Android:
To implement authenticated consent on a web page, you can either pass the consent identifier via the authId
or authCookie
parameter in your implementation code or via a cookie written directly on the page.
Here the authId
can be set directly in the config section of your organization's CMP as shown in this example:
window._sp_queue = [];
window._sp_ = {
config: {
accountId: 1584,
baseEndpoint: 'https://cdn.privacy-mgmt.com',
ccpa: { },
gdpr: { },
authId: 123456,
events: {
onMessageReady: function() {},
onMessageChoiceSelect: function() {},
onPrivacyManagerAction: function() {},
onMessageChoiceError: function() {},
onConsentReady: function() {},
onPMCancel: function() {},
onMessageReceiveData: function() {},
onSPPMObjectReady: function() {},
onError: function() {}
}
}
}
The authId
can be written directly to a cookie with the default name authId
as shown in this example:
document.cookie = "authId=123123123";
Your organization can specify the name of the cookie that stores the authId
using the authCookie
parameter. The authId
can be written directly to the cookie with the new name as shown in this example:
window._sp_queue = [];
window._sp_ = {
config: {
accountId: 1584,
baseEndpoint: 'https://cdn.privacy-mgmt.com',
ccpa: { },
gdpr: { },
authCookie: "myAuthIdCookie",
events: {
onMessageReady: function() {},
onMessageChoiceSelect: function() {},
onPrivacyManagerAction: function() {},
onMessageChoiceError: function() {},
onConsentReady: function() {},
onPMCancel: function() {},
onMessageReceiveData: function() {},
onSPPMObjectReady: function() {},
onError: function() {}
}
}
}
document.cookie = "myAuthIdCookie=123123123";
Comments
0 comments