In 4Comply, Consent refers to the voluntary agreement or approval for a specific activity, captured as a binary value, i.e., Yes or No. Permission is the authorization to perform an action; broader in definition than Consent.

To add consent to a Digital Citizen, you can integrate external forms following these steps and make an API call to the POST /citizens/consent endpoint or use 4Comply Standard Forms. Whichever option you choose, the result will be the same.

If you have a webhook enabled for the “ConsentEntryCreated” trigger, you will receive a webhook containing the full Consent object after POSTing a consent request via the API. You will not receive webhooks for individual consent entries in a Bulk Request.

Adding consent for a Digital Citizen will create permissions for it based on the Permissions Evaluator.

The Permissions Evaluator processes the consent request as follows:

  1. Check for existing permissions which share the same permission_type
  2. If no matching permission exists for the Digital Citizen, 4Comply creates new permissions entries
  3. If permission with the same type exists for the Digital Citizen, 4Comply checks the Time-To-Live (TTL) for those permissions
  4. If the TTL is before that of the new entry, 4Comply updates the permission with the new TTL.
  5. If the TTL is later than the new entry, it leaves the existing permission.

You can check permissions for any Digital Citizen by permission type using the GET /citizens/permissions/{email}/{permission_type} endpoint with the Citizen’s email and consent type as parameters.

You can refer to the API Reference for more information.