List Own Access Records

GET

records

curl --request GET \
  --url https://api.central.consent/v1/records \
  --header 'Authorization: Bearer <token>'

{
  "response": {
    "resource": "/v1/access-records/ak_691df0c788ca043403b7fa90",
    "timestamp": "2026-03-11T12:00:00Z",
    "transaction-id": "tid_691df0c788ca043403b7fa90"
  },
  "records": [
    {
      "ak": "ak_691df0c788ca043403b7fa90",
      "data-types": [],
      "lead-controller-name": "Bright Energy Ltd",
      "controller-count": 1,
      "record-metadata": {
        "schema-version": "1.0",
        "controller-arrangement": {
          "controllers": [
            {
              "name": "Bright Energy Ltd",
              "contact-url": "https://bright-energy.com/contact",
              "address": {
                "addressLine1": "221B Baker Street",
                "townCity": "London",
                "postcode": "NW1 6XE",
                "addressLine2": "Marylebone",
                "county": "Greater London"
              },
              "privacy-rights-url": "https://bright-energy.com/your-rights",
              "lia-reference": "LIA-2024-003",
              "statutory-reference": "Energy Act 2023, s.147",
              "storage-conditions": {
                "location": "GB",
                "retention-period": "P2Y"
              }
            }
          ],
          "art26-reference": "JCA-2024-BrightGrid-001"
        },
        "record-identifier": "ak_691df0c788ca043403b7fa90",
        "created-at": "2024-01-15T09:30:00Z",
        "identity-record-ref": "ir_a3c5e7f9b1d3a3c5e7f9b1d3"
      },
      "legal-basis": "uk-consent",
      "purpose": "Energy efficiency analysis and tariff recommendations",
      "expiry": "2023-11-07T05:31:56Z",
      "discovered-access": {
        "mpxn": "1234567890123",
        "organisation-name": "Acme Energy Services Ltd",
        "organisation-reference": "org_abc123def456",
        "first-seen": "2024-06-01",
        "data-types-observed": [],
        "source-reference": "DCC-TX-LOG-2026-03-001",
        "last-seen": "2026-02-28",
        "superseded-by": "ak_691df0c788ca043403b7fa90"
      }
    }
  ],
  "total": 123
}

Authorizations

Authorization

string

header

required

JWT from GET /auth/token. Pass as Authorization: Bearer <token>. Expires after 7200s.

Query Parameters

legal-basis

enum<string>

Filter by legal basis. The legal basis under which the Controller accesses customer data.

Consent bases — notice and access-event.consent must be populated.

Value	Plain name	Article
`uk-consent`	UK Consent	UK GDPR Art. 6(1)(a)
`uk-explicit-consent`	UK Explicit Consent	UK GDPR Art. 9(2)(a)

Non-consent bases — notice and access-event.consent must be null.

Value	Plain name	Article	Supporting field (on lead controller)
`uk-legitimate-interests`	UK Legitimate Interests	UK GDPR Art. 6(1)(f)	`lia-reference`
`uk-public-task`	UK Public Task	UK GDPR Art. 6(1)(e)	`statutory-reference`
`uk-legal-obligation`	UK Legal Obligation	UK GDPR Art. 6(1)(c)	`statutory-reference`
`uk-contract`	UK Contract	UK GDPR Art. 6(1)(b)	—

Available options:

uk-consent,

uk-explicit-consent,

uk-legitimate-interests,

uk-public-task,

uk-legal-obligation,

uk-contract

Example:

"uk-consent"

limit

integer

default:200

Maximum number of records to return.

Required range: x <= 500

Response

List of own access records.

response

object

required

Show child attributes

records

object[]

required

Show child attributes

total

integer

required

Last modified on March 25, 2026

Verify Access RecordReturns the full access record for a given access key. Called by Data Providers before releasing meter data. **Authentication:** Unauthenticated by design. The access key acts as the credential; treat it as a secret. **Note on PII:** This endpoint returns no PII. The person-property relationship (MPxN, address, move-in date, identity verification) is held in the linked Identity Record, which is accessible only to authenticated Data Users via `GET /identity-records/{ir}`. The `identity-record-ref` in `record-metadata` provides the link. **Verification checklist (all record types):** 1. `access-event.state` must be `ACTIVE`. 2. `access-event.expiry` must be in the future, or null. 3. At least one controller in `record-metadata.controller-arrangement.controllers` must match the organisation you have a verified commercial relationship with on your platform. For `joint` arrangements, verify against the `lead` entry. 4. The data types being requested must be within `processing.data-types`. 5. Log `response.transaction-id` for your audit trail. **Additional checks by legal basis:** - Consent records: confirm `access-event.consent.consent-type` is appropriate for the data category being released. - Legitimate interests: confirm `lia-reference` is present on the lead controller entry in `record-metadata.controller-arrangement`. - Public task / legal obligation: confirm `statutory-reference` is present on the lead controller entry in `record-metadata.controller-arrangement`.

List Own Access Records

curl --request GET \
  --url https://api.central.consent/v1/records \
  --header 'Authorization: Bearer <token>'

{
  "response": {
    "resource": "/v1/access-records/ak_691df0c788ca043403b7fa90",
    "timestamp": "2026-03-11T12:00:00Z",
    "transaction-id": "tid_691df0c788ca043403b7fa90"
  },
  "records": [
    {
      "ak": "ak_691df0c788ca043403b7fa90",
      "data-types": [],
      "lead-controller-name": "Bright Energy Ltd",
      "controller-count": 1,
      "record-metadata": {
        "schema-version": "1.0",
        "controller-arrangement": {
          "controllers": [
            {
              "name": "Bright Energy Ltd",
              "contact-url": "https://bright-energy.com/contact",
              "address": {
                "addressLine1": "221B Baker Street",
                "townCity": "London",
                "postcode": "NW1 6XE",
                "addressLine2": "Marylebone",
                "county": "Greater London"
              },
              "privacy-rights-url": "https://bright-energy.com/your-rights",
              "lia-reference": "LIA-2024-003",
              "statutory-reference": "Energy Act 2023, s.147",
              "storage-conditions": {
                "location": "GB",
                "retention-period": "P2Y"
              }
            }
          ],
          "art26-reference": "JCA-2024-BrightGrid-001"
        },
        "record-identifier": "ak_691df0c788ca043403b7fa90",
        "created-at": "2024-01-15T09:30:00Z",
        "identity-record-ref": "ir_a3c5e7f9b1d3a3c5e7f9b1d3"
      },
      "legal-basis": "uk-consent",
      "purpose": "Energy efficiency analysis and tariff recommendations",
      "expiry": "2023-11-07T05:31:56Z",
      "discovered-access": {
        "mpxn": "1234567890123",
        "organisation-name": "Acme Energy Services Ltd",
        "organisation-reference": "org_abc123def456",
        "first-seen": "2024-06-01",
        "data-types-observed": [],
        "source-reference": "DCC-TX-LOG-2026-03-001",
        "last-seen": "2026-02-28",
        "superseded-by": "ak_691df0c788ca043403b7fa90"
      }
    }
  ],
  "total": 123
}

Documentation Index

Authorizations

Query Parameters

Response