Demo environment only. No real identity data is processed or stored.

🔐 Authentication Required

You need an access token to use this demo. Complete the OAuth flow to get one:

  1. Click "Get Token via OAuth" button
  2. Complete the authorization flow
  3. You'll be redirected back with an access token

✅ Authenticated - Backend Enabled

Your access token is valid. All API calls use the backend consent service.

🔒 PRD-002: Consent Management System

This demo demonstrates Credo's consent lifecycle: granting, listing, and revoking user consents for different purposes.

Features:
  • Grant consent for specific purposes with configurable TTL
  • View active consents with expiry dates
  • Revoke consents at any time
  • 5-minute idempotency window prevents duplicate grants

Error

Select User

Demo users for testing consent flows

Available Purposes

Please select a user first

Loading purposes...

No purposes available
Please select a user to view their consents

Loading consents...

Purpose Status Granted At Expires At Actions

No active consents

This user hasn't granted any consents yet. Grant a purpose from the left panel.

This runner does not block missing consent. Expect 403s when consent is not granted.

Scenario + Inputs

Required Consents

registry_check
vc_issuance
decision_evaluation

Use the left panel to grant missing consents.

Backend API Endpoints

Live Mode: Making real requests to backend with your access token (Authorization: Bearer ...)
POST /auth/consent

Grant consent

{"purposes": ["login"]}

POST /auth/consent/revoke

Revoke consent

{"purposes": ["login"]}

GET /auth/consent

List user consents

Valid Purposes: login, vc_issuance, registry_check, decision_evaluation