# Consent ## OpenAPI Specification ```yaml openapi: 3.0.1 info: title: '' description: '' version: 1.0.0 paths: /{orgName}/projects/{projectName}/consents/data: post: summary: Consent deprecated: false description: >- Record a user’s consent decision (accept/reject) for a project. Consent is evaluated in real time and affects tracking and downstream features. operationId: consents-1 tags: [] parameters: - name: orgName in: path description: >- Organization slug/name in Intempt. Used to route the request to the correct organization. required: true example: '' schema: type: string default: demo-organization - name: projectName in: path description: >- Project slug/name inside the organization. Consent is recorded under this project. required: true example: '' schema: type: string default: demo-project - name: apiKey in: query description: Intempt API key used to authenticate the request. required: true schema: type: string default: identifier.secret requestBody: content: application/json: schema: type: object required: - action - timestamp - validUntil - source properties: action: type: string description: >- Consent action. This enumeration provides two possible actions regarding user consent: Accept Consent: By choosing this option, the user agrees to allow Intempt to send notifications. Reject Consent: By selecting this option, the user declines to receive notifications from Intempt. This field allows you to define the user's preference for receiving notifications. enum: - accept - reject timestamp: type: string description: Mandatory event timestamp in milliseconds. validUntil: type: string description: >- The consent can be set to expire at a specific time in milliseconds, which determines the period during which the consent is considered valid. Alternatively, if no expiration date is necessary, the consent can be set to 'unlimited', indicating that the consent remains valid indefinitely. This setting helps manage user consent duration according to specific requirements. source: type: string description: >- Defines the source from which the consent was given, such as 'desktop' for a desktop environment or 'mobile' for a mobile environment. This information helps to track where the consent was obtained, allowing for a better understanding of the context in which the consent was provided. category: type: string description: >- Defines the specific category of consent that the action applies to. If not provided, the action will be applied to all types of consents. By specifying a category, you can tailor consent management to different types of data processing or user activities, providing more precise control over the user's consent preferences. userId: type: string description: >- A unique identifier for a user, used for authorization purposes. This identifier is key to authenticating the user and granting access to appropriate resources and services. It can be linked to a specific profile, account, or other entity, ensuring secure and accurate authorization based on the user's identity. email: type: string description: >- An optional property used to store a user's email address. This property can be helpful for identification, communication, and notification purposes. Providing an email address may enhance user experience by allowing for personalized interactions and account recovery options. However, it is not mandatory, and the system can function without it. message: type: string description: >- An optional property used to store custom messages or notes associated with a user or an event. This property allows you to include additional context or information that can be useful for future reference, debugging, or tracking purposes. While this property provides flexibility in data management and communication, it is not required and can be omitted if not needed. x-apidog-orders: - action - timestamp - validUntil - source - category - userId - email - message examples: '1': value: >- var myHeaders = new Headers(); myHeaders.append("Content-Type", "application/json"); var raw = JSON.stringify({ "action": "accept", "timestamp": Date.now(), "validUntil": Date.now() + (365 * 24 * 60 * 60 * 1000), "source": "desktop", "category": "analytics", "sourceId": 0, "userId": "user@example.com", "email": "user@example.com", "message": "User accepted analytics consent on cookie banner" }); var requestOptions = { method: "POST", headers: myHeaders, body: raw, redirect: "follow" }; fetch("//projects//consents/data?apiKey=YOUR_API_KEY", requestOptions) .then(response => response.text()) .then(result => console.log(result)) .catch(error => console.log("error", error)); summary: Accept Analytics Consent — Desktop Web User description: >- Records a user’s consent for analytics tracking from a desktop web experience. The consent is valid for 1 year and is tied to a specific user profile and source. '2': value: >- var myHeaders = new Headers(); myHeaders.append("Content-Type", "application/json"); var raw = JSON.stringify({ "action": "reject", "timestamp": Date.now(), "validUntil": "unlimited", "source": "mobile", "category": "marketing", "sourceId": 2, "profileId": "profile_mobile_789", "userId": "mobile.user@domain.com", "message": "User declined marketing notifications in mobile app settings" }); var requestOptions = { method: "POST", headers: myHeaders, body: raw, redirect: "follow" }; fetch("//projects//consents/data?apiKey=YOUR_API_KEY", requestOptions) .then(response => response.text()) .then(result => console.log(result)) .catch(error => console.log("error", error)); summary: Reject Marketing Consent — Mobile App User description: >- Records a user’s decision to reject marketing communications from a mobile application. This consent applies only to the marketing category and does not affect other consent types. responses: '200': description: '200' content: application/json: schema: type: object properties: {} x-apidog-orders: [] headers: {} x-apidog-name: OK '400': description: '400' content: application/json: schema: type: object properties: {} x-apidog-orders: [] example: error: Invalid request message: Required field 'action' is missing or invalid headers: {} x-apidog-name: Bad Request security: [] x-apidog-folder: '' x-apidog-status: released x-run-in-apidog: https://app.apidog.com/web/project/1137771/apis/api-24815716-run components: schemas: {} securitySchemes: {} servers: [] security: [] ```