Get Universal Consent Preferences UI

Retrieve the required attributes to render the Mobile Universal Consent Preference Center UI

📘

Note

If the Mobile Universal Consent Preference Center is not in scope for your implementation, disregard this page.

API

(GET) https://mobile-data.onetrust.io/cfw/cmp/v1/uc-purposes

API Reference: https://developer.onetrust.com/onetrust/reference/get_ucpurposes

Request headers

KeyValueDescriptionRequired?
OT-CDN-LocationstringCDN locationYes
OT-App-IdstringApp IDYes
OT-SDK-VersionstringAPI version to fetchYes
OT-Device-TypestringType of the device e.g. mobile, ctvYes
OT-Consent-StringstringBase 64 encoded consent string. Should be empty for the very first call and passed in the header on subsequent calls to persist user consent data from one session to the next.Yes, after the first API call
OT-IdentifierstringData Subject IDOnly when using cross device OR if passing in your own identifier
OT-Sync-Profile-AuthstringJWT auth token (generated using the public keys saved in OneTrust portal)Only when using cross device
OT-Fetch-TypestringDetermines if the data download should include profile data or not. By default if no fetch type is passed, we use APP_DATA_ONLY. If cross device is in scope, pass in APP_DATA_AND_SYNC_PROFILEOnly when using cross device
OT-LanguagestringLanguage to display the UINo
OT-Country-CodestringCountry code of end userNo
OT-Region-CodestringRegion code of end userNo
OT-Force-FetchstringReturn banner data regardless of shouldShowBanner status. By default, this is false. Set to true to force the return of banner dataNo
OT-Identifier-UpdateTypestringHeader must be passed if 'OT-Identifier' may be different than the identifier stored in the otConsentString. Value will be Rename-IdentifierOnly if the OT-Identiferdiffers from the identifier in otConsentStrng

Sample response (success):

{
    "errors": [],
    "ucPurposesData": {
        "general": {
            "pageHeader": "Your Preferences",
            "cpOptionsTitle": "Options"
        },
        "summary": {
            "title": {
                "text": "Your Preferences"
            },
            "description": {
                "text": "At Onetrust, we want you to fully understand and enjoy the product and services we offer. To help keep you informed, we encourage you to review and edit your preferences below. For more information about our Privacy Policy and how we manage your data, please review our Privacy Policy"
            }
        },
        "purposes": [
            {
                "id": "3ce8f9a0-0a7d-458f-b5c5-ef03e4790bd2",
                "label": "Email",
                "description": "<p>Test description for Email</p>",
                "consentStatus": 0,
                "version": 1,
                "consentLifeSpan": 0,
                "createdDate": "2024-10-10T14:26:30.603Z",
                "lastModifiedDate": "2024-10-10T14:26:40.370Z",
                "detail": null,
                "expiryDateType": "LAST_TRANSACTION_DATE",
                "order": 0,
                "customPreferences": []
            }
        ]
    }
}

Sample response (error):

{
    "errors": [
        {
            "code": "ERROR_CODE_MISSING_REQUIRED_HEADER",
            "message": "Request header OT-Device-Type should not be null"
        }
    ]
}

Consent value dictionary -consentStatus

Consent valueDescription
1Consent given
0Consent not given

Response errors

ScenarioOT Custom Error CodeHTTP Error CodeError Message
All generic server errorsERROR_CODE_GENERIC_ERROR500 (Internal Server Error)Something went wrong
All required headers missingERROR_CODE_NO_ACCESS403 (Forbidden)No access to this resource
Invalid API routeERROR_CODE_TEXT_RESOURCE_NOT_FOUND404 (Not Found)Not Found
Invalid OT-Consent-String headerERROR_CODE_INVALID_OT_CONSENT_STRING400 (Bad Request)Invalid OT consent string
Invalid OT-Country-Code or OT-Region-Code headerERROR_CODE_INVALID_COUNTRY_OR_REGION400 (Bad Request)Invalid country code or region code
Invalid OT-CDN-Location or OT-App-Id headerERROR_CODE_BLOB_LOCATIONS_UNAVAILABLE400 (Bad Request)Unable to fetch data for the specified Application ID. Please check your configurations
Invalid OT-Fetch-Type headerERROR_CODE_INVALID_FETCH_TYPE400 (Bad Request)Invalid Fetch type
Invalid OT-Device-Type headerERROR_CODE_INVALID_DEVICE_TYPE400 (Bad Request)Invalid Device Type
Missing required headers e.g. OT-Device-Type, OT-CDN-Location etcERROR_CODE_MISSING_REQUIRED_HEADER400 (Bad Request)Request header {{header}} should not be null