OpenAPI specification for the ID Gateway consent management endpoints.
The API provides purpose-based consent management with support for granting, revoking, and listing user consents. All endpoints require a JWT bearer token and operate only on the consents of the authenticated user identified by that token; there is no way to address another user's records through these endpoints.
Lifecycle defaults (configurable via env):

- CONSENT_TTL (default 365d) sets the expiry for new grants and renewals: expires_at = time of grant + CONSENT_TTL.
- CONSENT_GRANT_WINDOW (default 5m) makes rapid repeat grants a no-op: timestamps are not updated and the existing consent is returned.

Grant consent for one or more purposes. If an active consent already exists for a purpose, it is renewed with a new expiry date. If the consent was previously revoked or expired, the same consent ID is reused and the record is set back to active status. Requests arriving within the grant idempotency window (CONSENT_GRANT_WINDOW, default 5m) for an already-active consent are treated as idempotent: no timestamps are updated and the existing consent is returned.

Request body:

| purposes | required | Array of strings (ConsentPurpose), 1..50 items. Enum: "login", "registry_check", "vc_issuance", "decision_evaluation". List of purposes to grant consent for. |
Request sample:

{
  "purposes": ["login", "registry_check", "vc_issuance"]
}

Response sample:

{
  "granted": [
    {
      "purpose": "login",
      "granted_at": "2025-12-03T10:00:00Z",
      "expires_at": "2026-12-03T10:00:00Z",
      "status": "active"
    },
    {
      "purpose": "registry_check",
      "granted_at": "2025-12-03T10:00:00Z",
      "expires_at": "2026-12-03T10:00:00Z",
      "status": "active"
    }
  ],
  "message": "Consent granted for 2 purposes"
}

Retrieve all consent records for the authenticated user, including active, expired, and revoked consents. The status field is computed at read time from the revoked_at and expires_at timestamps: a consent with revoked_at set is revoked, one whose expires_at has passed is expired, and otherwise it is active. Because expiry is computed rather than stored, a consent can move from active to expired without any write. Invalid filter values for status or purpose return a 400 bad_request error.

Query parameters:

| status | string. Enum: "active", "expired", "revoked". Filter by consent status. |
| purpose | string. Enum: "login", "registry_check", "vc_issuance", "decision_evaluation". Filter by specific purpose. |
Response sample:

{
  "consents": [
    {
      "id": "6f8e9c2a-1d2f-4a7e-9d1e-1a2b3c4d5e6f",
      "purpose": "login",
      "granted_at": "2025-12-03T10:00:00Z",
      "expires_at": "2026-12-03T10:00:00Z",
      "status": "active"
    },
    {
      "id": "b3f09e12-6c44-4fa1-9a0a-0e9a7b2d5c4f",
      "purpose": "registry_check",
      "granted_at": "2025-12-03T10:00:00Z",
      "expires_at": "2026-12-03T10:00:00Z",
      "revoked_at": "2025-12-03T11:00:00Z",
      "status": "revoked"
    }
  ]
}

Revoke consent for one or more purposes. Once revoked, operations that require that purpose fail until consent is re-granted. Revoking an already revoked or expired consent is idempotent, and purposes with no consent record are ignored (no error). The response lists only the consents newly revoked by this request, so an empty "revoked" array does not mean the request failed; a caller that needs to confirm the end state should list consents filtered by status instead.

Request body:

| purposes | required | Array of strings (ConsentPurpose), 1..50 items. Enum: "login", "registry_check", "vc_issuance", "decision_evaluation". List of purposes to revoke consent for. |
Request sample:

{
  "purposes": ["registry_check"]
}

Response sample:

{
  "revoked": [
    {
      "purpose": "registry_check",
      "revoked_at": "2025-12-03T11:00:00Z",
      "status": "revoked"
    }
  ],
  "message": "Consent revoked for 1 purpose"
}

Revoke all consents for the authenticated user that are not already revoked. This is a bulk operation intended for cleanup and administrative purposes, but it is still scoped to the subject of the bearer token. Expired consents remain expired and are not marked revoked. The "revoked" field of the response is null; the message carries the count of consents revoked.
Response sample:

{
  "revoked": null,
  "message": "Consent revoked for 3 purposes"
}

Permanently delete all consent records for the authenticated user. This is a destructive operation intended for GDPR "right to erasure" (Article 17) compliance. Unlike revoke-all, it removes the records entirely rather than marking them as revoked, so the granted_at and revoked_at history disappears with them.

Use cases:

Important: This operation is irreversible. Deleted consents cannot be recovered. For audit purposes, consider using revoke-all instead unless full erasure is required.

Response sample:

{
  "message": "All consents deleted"
}
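The grant, list, revoke, revoke-all and delete-all rules described above, as an added in-memory model in Python. This is example code written for this page, not ID Gateway's own implementation, and it does not make HTTP calls (the page gives no paths). The names ConsentStore, at, message and the sample clock T0 are constructed for the example. Two behaviours the page leaves unstated are assumed and marked in comments: a renewal refreshes granted_at together with expires_at, and revoked_at takes precedence over expiry when computing status.

```python
# Added example (not ID Gateway code): an in-memory model of the consent
# lifecycle rules on this page, for one user. Assumptions are marked where
# they apply.
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional
import uuid

PURPOSES = {"login", "registry_check", "vc_issuance", "decision_evaluation"}
CONSENT_TTL = timedelta(days=365)            # page default
CONSENT_GRANT_WINDOW = timedelta(minutes=5)  # page default

# Constructed sample clock, matching the timestamps in the page's examples.
T0 = datetime(2025, 12, 3, 10, 0, tzinfo=timezone.utc)


def at(minutes: int = 0, days: int = 0) -> datetime:
    return T0 + timedelta(minutes=minutes, days=days)


def message(verb: str, n: int) -> str:
    return f"Consent {verb} for {n} purpose{'' if n == 1 else 's'}"


def _check_purposes(purposes: list[str]) -> list[str]:
    # Mirrors the schema: 1..50 items, each a known ConsentPurpose.
    if not 1 <= len(purposes) <= 50 or not set(purposes) <= PURPOSES:
        raise ValueError("bad_request: invalid purposes")
    return list(dict.fromkeys(purposes))  # de-duplicate, keep order


@dataclass
class Consent:
    id: str
    purpose: str
    granted_at: datetime
    expires_at: datetime
    revoked_at: Optional[datetime] = None

    def status(self, now: datetime) -> str:
        # Derived at read time. Assumption: revoked_at wins over expiry.
        if self.revoked_at is not None:
            return "revoked"
        return "expired" if self.expires_at <= now else "active"


class ConsentStore:
    """Consent records of one authenticated user (the bearer token's subject)."""

    def __init__(self) -> None:
        self._by_purpose: dict[str, Consent] = {}

    def grant(self, purposes: list[str], now: datetime) -> list[dict]:
        granted = []
        for p in _check_purposes(purposes):
            c = self._by_purpose.get(p)
            if c is None:
                c = Consent(str(uuid.uuid4()), p, now, now + CONSENT_TTL)
                self._by_purpose[p] = c
            elif c.status(now) == "active" and now - c.granted_at < CONSENT_GRANT_WINDOW:
                pass  # inside CONSENT_GRANT_WINDOW: idempotent, nothing changes
            else:
                # Renewal (active) or re-grant (revoked/expired) keeps the id.
                # Assumption: granted_at is refreshed together with expires_at.
                c.granted_at, c.expires_at, c.revoked_at = now, now + CONSENT_TTL, None
            granted.append({"purpose": p, "granted_at": c.granted_at,
                            "expires_at": c.expires_at, "status": c.status(now)})
        return granted

    def list_consents(self, now: datetime, status: Optional[str] = None,
                      purpose: Optional[str] = None) -> list[dict]:
        if status not in (None, "active", "expired", "revoked") or purpose not in (None, *PURPOSES):
            raise ValueError("bad_request: invalid filter")
        out = []
        for c in self._by_purpose.values():
            s = c.status(now)
            if (status is None or s == status) and (purpose is None or c.purpose == purpose):
                rec = {"id": c.id, "purpose": c.purpose, "granted_at": c.granted_at,
                       "expires_at": c.expires_at, "status": s}
                if c.revoked_at is not None:
                    rec["revoked_at"] = c.revoked_at
                out.append(rec)
        return out

    def revoke(self, purposes: list[str], now: datetime) -> list[dict]:
        revoked = []
        for p in _check_purposes(purposes):
            c = self._by_purpose.get(p)
            if c is None or c.status(now) != "active":
                continue  # missing, revoked or expired: idempotent, not reported
            c.revoked_at = now
            revoked.append({"purpose": p, "revoked_at": now, "status": "revoked"})
        return revoked

    def revoke_all(self, now: datetime) -> int:
        # Bulk revoke of everything still active; expired records stay expired.
        active = [c for c in self._by_purpose.values() if c.status(now) == "active"]
        for c in active:
            c.revoked_at = now
        return len(active)

    def delete_all(self) -> int:
        # Article 17 erasure: the records are removed, so no audit trail remains.
        n = len(self._by_purpose)
        self._by_purpose.clear()
        return n
```

Walking a store through grant at T0, a repeat grant two minutes later, a renewal ten minutes later, a revoke, a re-grant and a jump past the TTL shows the points that matter to a client: the repeat inside the window returns the original timestamps, the renewed and re-granted records keep their id, revoke reports only what it changed, and after expiry revoke-all leaves the expired records untouched while delete-all removes everything.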