This documentation set is based on ‘inflight’ discussions and designs regarding Consumer Consent Solution (CCS), is unlikely to represent the final solution and includes our designs on how we believe it should be presented.
Requesting Consumer Data Access (Consent)
Overview of how consent could operate by Data Users, at present this is all very theoretical.
It is possible that both the presentation of T&Cs to the Consumer and the Identitiy Challenge and Response verification steps are required to be presented outside of the UX control of the Data User (option 2), providing an independent (alien) Consumer experience during these elements.
Option 1 (prefered)
The Solution sits fully behind the Data User’s UX and is called by API by that user. The information is relayed to the Consumer by the Data User (using their own UX).
Option 2
The Solution sits embedded within the Data User’s consumer journey with it’s own alien UX. The consumer interacts directly with the Solution and receives confirmation directly from the CCS (not the Data User).
Access Verification of Data Request
Process for Data Providers to verify access token, identify the consumer data and return it to the Data User. Using Verify Access and Verify Consumer APIs.
Migration or Registration of existing Consent of a Data User
Process for Data Providers to verify access token, identify the consumer data and return it to the Data User using Register Access API.
