Get Universal Consent Preferences UI
Retrieve the required attributes to render the Mobile Universal Consent Preference Center UI
Note
If the Mobile Universal Consent Preference Center is not in scope for your implementation, disregard this page.
API
(GET) https://mobile-data.onetrust.io/cfw/cmp/v1/uc-purposes
API Reference: https://developer.onetrust.com/onetrust/reference/get_ucpurposes
Request headers
Key | Value | Description | Required? |
---|---|---|---|
OT-CDN-Location | string | CDN location | Yes |
OT-App-Id | string | App ID | Yes |
OT-SDK-Version | string | API version to fetch | Yes |
OT-Device-Type | string | Type of the device e.g. mobile, ctv | Yes |
OT-Consent-String | string | Base 64 encoded consent string. Should be empty for the very first call and passed in the header on subsequent calls to persist user consent data from one session to the next. | Yes, after the first API call |
OT-Identifier | string | Data Subject ID | Only when using cross device OR if passing in your own identifier |
OT-Sync-Profile-Auth | string | JWT auth token (generated using the public keys saved in OneTrust portal) | Only when using cross device |
OT-Fetch-Type | string | Determines if the data download should include profile data or not. By default if no fetch type is passed, we use APP_DATA_ONLY . If cross device is in scope, pass in APP_DATA_AND_SYNC_PROFILE | Only when using cross device |
OT-Language | string | Language to display the UI | No |
OT-Country-Code | string | Country code of end user | No |
OT-Region-Code | string | Region code of end user | No |
OT-Force-Fetch | string | Return banner data regardless of shouldShowBanner status. By default, this is false. Set to true to force the return of banner data | No |
OT-Identifier-UpdateType | string | Header must be passed if 'OT-Identifier' may be different than the identifier stored in the otConsentString . Value will be Rename-Identifier | Only if the OT-Identifer differs from the identifier in otConsentStrng |
Sample response (success):
{
"errors": [],
"ucPurposesData": {
"general": {
"pageHeader": "Your Preferences",
"cpOptionsTitle": "Options"
},
"summary": {
"title": {
"text": "Your Preferences"
},
"description": {
"text": "At Onetrust, we want you to fully understand and enjoy the product and services we offer. To help keep you informed, we encourage you to review and edit your preferences below. For more information about our Privacy Policy and how we manage your data, please review our Privacy Policy"
}
},
"purposes": [
{
"id": "3ce8f9a0-0a7d-458f-b5c5-ef03e4790bd2",
"label": "Email",
"description": "<p>Test description for Email</p>",
"consentStatus": 0,
"version": 1,
"consentLifeSpan": 0,
"createdDate": "2024-10-10T14:26:30.603Z",
"lastModifiedDate": "2024-10-10T14:26:40.370Z",
"detail": null,
"expiryDateType": "LAST_TRANSACTION_DATE",
"order": 0,
"customPreferences": []
}
]
}
}
Sample response (error):
{
"errors": [
{
"code": "ERROR_CODE_MISSING_REQUIRED_HEADER",
"message": "Request header OT-Device-Type should not be null"
}
]
}
Consent value dictionary -consentStatus
consentStatus
Consent value | Description |
---|---|
1 | Consent given |
0 | Consent not given |
Response errors
Scenario | OT Custom Error Code | HTTP Error Code | Error Message |
---|---|---|---|
All generic server errors | ERROR_CODE_GENERIC_ERROR | 500 (Internal Server Error) | Something went wrong |
All required headers missing | ERROR_CODE_NO_ACCESS | 403 (Forbidden) | No access to this resource |
Invalid API route | ERROR_CODE_TEXT_RESOURCE_NOT_FOUND | 404 (Not Found) | Not Found |
Invalid OT-Consent-String header | ERROR_CODE_INVALID_OT_CONSENT_STRING | 400 (Bad Request) | Invalid OT consent string |
Invalid OT-Country-Code or OT-Region-Code header | ERROR_CODE_INVALID_COUNTRY_OR_REGION | 400 (Bad Request) | Invalid country code or region code |
Invalid OT-CDN-Location or OT-App-Id header | ERROR_CODE_BLOB_LOCATIONS_UNAVAILABLE | 400 (Bad Request) | Unable to fetch data for the specified Application ID. Please check your configurations |
Invalid OT-Fetch-Type header | ERROR_CODE_INVALID_FETCH_TYPE | 400 (Bad Request) | Invalid Fetch type |
Invalid OT-Device-Type header | ERROR_CODE_INVALID_DEVICE_TYPE | 400 (Bad Request) | Invalid Device Type |
Missing required headers e.g. OT-Device-Type, OT-CDN-Location etc | ERROR_CODE_MISSING_REQUIRED_HEADER | 400 (Bad Request) | Request header {{header}} should not be null |
Updated 1 day ago