Data Providers

Verify Access Record

Returns the full access record for a given access key. Called by Data Providers before releasing meter data.

Authentication: Unauthenticated by design. The access key acts as the credential; treat it as a secret.

Verification checklist (all record types):

access-event.state must be ACTIVE.
access-event.expiry must be in the future, or null.
record-metadata.controller identity must match the organisation you have a verified commercial relationship with on your platform.
The data types being requested must be within processing.data-types.
Log response.transaction-id for your audit trail.

Additional checks by legal basis:

Consent records: confirm access-event.consent.consent-type is appropriate for the data category being released.
Legitimate interests: confirm processing.lia-reference is present.
Public task / legal obligation: confirm processing.statutory-reference is present.

GET

access-records

{ak}

Verify Access Record

curl --request GET \
  --url https://api.central.consent/v1/access-records/{ak}

{
  "response": {
    "resource": "/v1/access-records/ak_691df0c788ca043403b7fa90",
    "timestamp": "2026-03-11T12:00:00Z",
    "transaction-id": "tid_691df0c788ca043403b7fa90"
  },
  "access-record": {
    "record-metadata": {
      "schema-version": "1.0",
      "controller": {
        "name": "Bright Energy Ltd",
        "contact-url": "https://bright-energy.com/contact",
        "address": {
          "addressLine1": "221B Baker Street",
          "townCity": "London",
          "postcode": "NW1 6XE",
          "addressLine2": "Marylebone",
          "county": "Greater London"
        }
      },
      "pii-principal": {
        "mpxn": "1234567890123",
        "move-in-date": "2022-06-30",
        "address": {
          "addressLine1": "221B Baker Street",
          "townCity": "London",
          "postcode": "NW1 6XE",
          "addressLine2": "Marylebone",
          "county": "Greater London"
        }
      },
      "record-identifier": "ak_691df0c788ca043403b7fa90",
      "created-at": "2024-01-15T09:30:00Z"
    },
    "notice": {
      "terms-url": "https://bright-energy.com/privacy-v3.html",
      "notice-version": "v3.2",
      "notice-language": "en"
    },
    "processing": {
      "legal-basis": "uk-consent",
      "purpose": "Energy efficiency analysis and tariff recommendations",
      "data-types": [
        "HH-CONSUMPTION"
      ],
      "privacy-rights-url": "https://bright-energy.com/your-rights",
      "lia-reference": "LIA-2024-003",
      "statutory-reference": "Energy Act 2023, s.147",
      "jurisdiction": "GB",
      "data-source": "National Grid ESO / MPAS",
      "recipients": [
        {
          "name": "Analytics Co Ltd",
          "role": "Sub-processor",
          "privacy-url": "https://analyticsco.com/privacy"
        }
      ],
      "storage-conditions": {
        "location": "GB",
        "retention-period": "P2Y"
      }
    },
    "access-event": {
      "state": "ACTIVE",
      "registered-at": "2023-11-07T05:31:56Z",
      "expiry": "2027-11-10T17:07:01.580Z",
      "consent": {
        "consent-type": "expressed-consent",
        "expressed-by": "data-subject",
        "method": "Explicit web checkbox",
        "principal-verification": {
          "method": "credit-card",
          "verified-at": "2023-11-07T05:31:00Z",
          "outcome": "verified",
          "reference": "ch_3ABC123xyz",
          "submitted": "XXXX-XXXX-XXXX-4242",
          "verified-against": "Stripe customer record cus_ABC123",
          "detail": {
            "last4": "4242",
            "brand": "visa",
            "stripe_customer": "cus_ABC123"
          }
        }
      },
      "controller-reference": "REF-00123",
      "revoked-at": "2025-06-01T14:22:00Z"
    }
  }
}

Path Parameters

string

required

The access key issued at registration. Unique opaque identifier for an access record, issued by the register on creation. Treat as a secret — possession enables access verification.

Pattern: ^ak_[0-9a-f]{24}$

Example:

"ak_691df0c788ca043403b7fa90"

Response

Access record found and returned.

The full access record returned for verification. notice and access-event.consent will be null for non-consent records.

response

object

required

Show child attributes

access-record

object

required

A data access record covering all lawful bases. The same schema is used regardless of processing.legal-basis. The notice field and access-event.consent sub-object are null for non-consent records and populated for consent records.

Show child attributes

Last modified on March 11, 2026

List Access Records for a Meter PointReturns access records associated with a given MPxN, registered by the authenticated Data User. Covers all legal bases and all lifecycle states unless filtered. Supports customer transparency — customers may request this list via any Controller to see who holds registered access to their meter point data.

Verify Access Record

curl --request GET \
  --url https://api.central.consent/v1/access-records/{ak}

{
  "response": {
    "resource": "/v1/access-records/ak_691df0c788ca043403b7fa90",
    "timestamp": "2026-03-11T12:00:00Z",
    "transaction-id": "tid_691df0c788ca043403b7fa90"
  },
  "access-record": {
    "record-metadata": {
      "schema-version": "1.0",
      "controller": {
        "name": "Bright Energy Ltd",
        "contact-url": "https://bright-energy.com/contact",
        "address": {
          "addressLine1": "221B Baker Street",
          "townCity": "London",
          "postcode": "NW1 6XE",
          "addressLine2": "Marylebone",
          "county": "Greater London"
        }
      },
      "pii-principal": {
        "mpxn": "1234567890123",
        "move-in-date": "2022-06-30",
        "address": {
          "addressLine1": "221B Baker Street",
          "townCity": "London",
          "postcode": "NW1 6XE",
          "addressLine2": "Marylebone",
          "county": "Greater London"
        }
      },
      "record-identifier": "ak_691df0c788ca043403b7fa90",
      "created-at": "2024-01-15T09:30:00Z"
    },
    "notice": {
      "terms-url": "https://bright-energy.com/privacy-v3.html",
      "notice-version": "v3.2",
      "notice-language": "en"
    },
    "processing": {
      "legal-basis": "uk-consent",
      "purpose": "Energy efficiency analysis and tariff recommendations",
      "data-types": [
        "HH-CONSUMPTION"
      ],
      "privacy-rights-url": "https://bright-energy.com/your-rights",
      "lia-reference": "LIA-2024-003",
      "statutory-reference": "Energy Act 2023, s.147",
      "jurisdiction": "GB",
      "data-source": "National Grid ESO / MPAS",
      "recipients": [
        {
          "name": "Analytics Co Ltd",
          "role": "Sub-processor",
          "privacy-url": "https://analyticsco.com/privacy"
        }
      ],
      "storage-conditions": {
        "location": "GB",
        "retention-period": "P2Y"
      }
    },
    "access-event": {
      "state": "ACTIVE",
      "registered-at": "2023-11-07T05:31:56Z",
      "expiry": "2027-11-10T17:07:01.580Z",
      "consent": {
        "consent-type": "expressed-consent",
        "expressed-by": "data-subject",
        "method": "Explicit web checkbox",
        "principal-verification": {
          "method": "credit-card",
          "verified-at": "2023-11-07T05:31:00Z",
          "outcome": "verified",
          "reference": "ch_3ABC123xyz",
          "submitted": "XXXX-XXXX-XXXX-4242",
          "verified-against": "Stripe customer record cus_ABC123",
          "detail": {
            "last4": "4242",
            "brand": "visa",
            "stripe_customer": "cus_ABC123"
          }
        }
      },
      "controller-reference": "REF-00123",
      "revoked-at": "2025-06-01T14:22:00Z"
    }
  }
}

Overview

Authentication

Data Users

Data Providers

Authentication

Data Users

Data Providers

Verify Access Record

Path Parameters

Response