# Consent APIs (built on CMS)
# Consent List and Filtering
Method: GET /cms/api/projects/{projId}/c/weomni-consent-v1
Description: List all contents of the consent
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Parameter:
| Key | Description | Required | Example |
|---|---|---|---|
| data | search by attribute name and value | N | data.application=tsm |
| page | The requested page number to display | N | page=0 |
| size | The page size of the result in response body | N | size=10 |
| sort | Sorting criteria. Default sort order is ascending. Multiple sort criteria are supported. | N | sort=data.createdDate,desc |
Example Request:
curl -X GET \
'https://alpha-platform.weomni-test.com/cms/api/projects/{projectId}}/c/weomni-consent-v1?data.application=TSM&data.status=PUBLISHED' \
-H 'Authorization: Bearer {O2O Access Token}' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache'
Example Response:
HTTP/1.1 200 OK
Content-Type: application/json
[
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T14:00:28.849Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T14:00:28.849Z",
"id": "5e8c877c58f3bd0001ff7692",
"contentType": {
"id": "5e8c874d9e95fc0001843c06",
"name": "weomni-consent-v1",
"alias": "weomni-consent-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"descriptionEn": "This is description",
"application": "TSM",
"descriptionTh": "นี่คือรายละเอียด",
"purposes": [
"Send SMS",
"Face Recognition"
],
"lifespan": 365,
"name": "TSM consent",
"privacyNoticeRef": "5e8c87789e95fc0001843c07",
"revision": 0,
"status": "PUBLISHED"
}
}
]
# Consent Acceptance List and Filtering
Method: GET /cms/api/projects/{projId}/c/weomni-consent-acceptance-v1
Description: List all contents of the consent acceptance
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Parameter:
| Key | Description | Required | Example |
|---|---|---|---|
| data | search by attribute name and value | N | data.dataSubject=ds-001 |
| page | The requested page number to display | N | page=0 |
| size | The page size of the result in response body | N | size=10 |
| sort | Sorting criteria. Default sort order is ascending. Multiple sort criteria are supported. | N | sort=data.dataSubject&sort=data.acceptanceDate,desc |
Example Request:
curl -X GET \
'https://dev-platform.weomni-test.com/cms/api/projects/5ce94f38cd30580001599a19/c/weomni-consent-acceptance-v1?data.consentId=5e8c877c58f3bd0001ff7692&data.dataSubject=11000000000&data.status=ACCEPTED' \
-H 'Authorization: Bearer {O2O Access Token}' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache'
Example Response:
HTTP/1.1 200 OK
Content-Type: application/json
[
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T14:00:34.602Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T14:00:34.602Z",
"id": "5e8c87829e95fc0001843c08",
"contentType": {
"id": "5e8c874d58f3bd0001ff7691",
"name": "weomni-consent-acceptance-v1",
"alias": "weomni-consent-acceptance-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"acceptanceDate": "2020-04-07T13:52:10Z",
"country": "TH",
"note": "",
"dataSubject": "11000000000",
"expiredDate": "2021-04-07T13:52:10Z",
"userAgent": "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"consentId": "{{consentId}}",
"withdrawalDate": "",
"osVersion": "Android 10",
"deviceFingerprintId": "774506072891597375",
"purposes": [
"Send SMS"
],
"localIp": "127.0.0.1",
"model": "13.3",
"consentApplication": "TSM",
"status": "ACCEPTED"
}
}
]
# Create Privacy Notice
Method: POST
Path: /cms/api/projects/{projId}/c/weomni-privacy-notice-v1
Description: Create a privacy notice
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Request Body:
| Param | Description | Type | Required |
|---|---|---|---|
| data | The attributes and values of the privacy notice | Object | Y |
| data.name | Privacy notice name | String | Y |
| data.descriptionEn | Privacy notice description in English | String | N |
| data.descriptionTh | Privacy notice description in Thai | String | N |
| data.revision | Revision of of the Privacy notice | Number | Y |
| data.status | Status of the Privacy notice (DRAFT, PUBLISHED, ARCHIVED) | Enum | Y |
Request Body Example:
{
"data": {
"revision": 0,
"name": "TSM Privacy",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"status": "PUBLISHED"
}
}
Request Example:
curl -X POST \
https://dev-platform.weomni-test.com/cms/api/projects/5ce94f38cd30580001599a19/c/weomni-privacy-notice-v1 \
-H 'Authorization: Bearer {O2O Access Token}' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache' \
-d '{
"data": {
"revision": 0,
"name": "TSM Privacy",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"status": "PUBLISHED"
}
}'
Response Example:
HTTP/1.1 201 CREATED
Content-Type: application/json
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T15:24:33.163Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T15:24:33.163Z",
"id": "5e8c9b319e95fc0001843c09",
"contentType": {
"id": "5e8c874d9e95fc0001843c05",
"name": "weomni-privacy-notice-v1",
"alias": "weomni-privacy-notice-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"name": "TSM Privacy",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"revision": 0,
"status": "PUBLISHED"
}
}
# Update Privacy Notice
Method: PUT
Path: /cms/api/projects/{projId}/c/weomni-privacy-notice-v1/{id}
Description: Create a privacy notice
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Request Body:
| Param | Description | Type | Required |
|---|---|---|---|
| id | Id of privacy notice to update | String | Y |
| data | The attributes and values of the privacy notice | Object | Y |
| data.name | Privacy notice name | String | Y |
| data.descriptionEn | Privacy notice description in English | String | N |
| data.descriptionTh | Privacy notice description in Thai | String | N |
| data.revision | Revision of of the Privacy notice | Number | Y |
| data.status | Status of the Privacy notice (DRAFT, PUBLISHED, ARCHIVED) | Enum | Y |
Request Body Example:
{
"data": {
"revision": 0,
"name": "TSM Privacy",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"status": "PUBLISHED"
}
}
Request Example:
curl -X PUT \
https://dev-platform.weomni-test.com/cms/api/projects/5ce94f38cd30580001599a19/c/weomni-privacy-notice-v1/5e8c9b319e95fc0001843c09 \
-H 'Authorization: Bearer {O2O Access Token}' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache' \
-d '{
"data": {
"revision": 0,
"name": "TSM Privacy",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"status": "PUBLISHED"
}
}'
Response Example:
HTTP/1.1 200 OK
Content-Type: application/json
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T15:24:33.163Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T15:24:33.163Z",
"id": "5e8c9b319e95fc0001843c09",
"contentType": {
"id": "5e8c874d9e95fc0001843c05",
"name": "weomni-privacy-notice-v1",
"alias": "weomni-privacy-notice-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"name": "TSM Privacy",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"revision": 0,
"status": "PUBLISHED"
}
}
# Create Consent
Method: POST
Path: /cms/api/projects/{projId}/c/weomni-consent-v1
Description: Create a content of consent
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Request Body:
| Param | Description | Type | Required |
|---|---|---|---|
| data | The attributes and values of the consent | Object | Y |
| data.name | Consent Name | String | Y |
| data.descriptionEn | Consent description in English | String | N |
| data.descriptionTh | Consent description in Thai | String | N |
| data.application | Application of the consent | String | Y |
| data.purposes | Purposes of the consent | String[] | Y |
| data.lifespan | life span of each consent acceptance | Number | N |
| data.formScreen | The screen that display consent | File | N |
| data.privacyNoticeRef | Reference to privacy notice | String | Y |
| data.revision | Revision of of the consent | Number | Y |
| data.status | Status of the consent (ACCEPTED, WITHDRAWN) | Enum | Y |
Request Body Example:
{
"data": {
"purposes": [
"Send SMS",
"Face Recognition"
],
"revision": 0,
"name": "TSM consent",
"application": "TSM",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"lifespan": 365,
"privacyNoticeRef": "{{privacy_note_id}}",
"status": "PUBLISHED"
}
}
Request Example:
curl -X POST \
https://alpha-platform.weomni-test.com/cms/api/projects/{projectId}/c/weomni-consent-v1 \
-H 'Authorization: Bearer {O2O Access Token}' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache' \
-d '{
"data": {
"purposes": [
"Send SMS",
"Face Recognition"
],
"revision": 0,
"name": "TSM consent",
"application": "TSM",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"lifespan": 365,
"privacyNoticeRef": "5e8c9b319e95fc0001843c09",
"status": "PUBLISHED"
}
}'
Response Example:
HTTP/1.1 201 CREATED
Content-Type: application/json
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T15:24:41.377Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T15:24:41.377Z",
"id": "5e8c9b3958f3bd0001ff7695",
"contentType": {
"id": "5e8c874d9e95fc0001843c06",
"name": "weomni-consent-v1",
"alias": "weomni-consent-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"descriptionEn": "This is description",
"application": "TSM",
"descriptionTh": "นี่คือรายละเอียด",
"purposes": [
"Send SMS",
"Face Recognition"
],
"lifespan": 365,
"name": "TSM consent",
"privacyNoticeRef": "5e8c9b319e95fc0001843c09",
"revision": 0,
"status": "PUBLISHED"
}
}
# Update Consent
Method: PUT
Path: /cms/api/projects/{projId}/c/weomni-consent-v1/{id}
Description: Create a content of consent
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Request Body:
| Param | Description | Type | Required |
|---|---|---|---|
| id | Id of consent to update | String | Y |
| data | The attributes and values of the consent | Object | Y |
| data.name | Consent Name | String | Y |
| data.descriptionEn | Consent description in English | String | N |
| data.descriptionTh | Consent description in Thai | String | N |
| data.application | Application of the consent | String | Y |
| data.purposes | Purposes of the consent | String[] | Y |
| data.lifespan | life span of each consent acceptance | Number | N |
| data.formScreen | The screen that display consent | File | N |
| data.privacyNoticeRef | Reference to privacy notice | String | Y |
| data.revision | Revision of of the consent | Number | Y |
| data.status | Status of the consent (ACCEPTED, WITHDRAWN) | Enum | Y |
Request Body Example:
{
"data": {
"purposes": [
"Send SMS",
"Face Recognition"
],
"revision": 0,
"name": "TSM consent",
"application": "TSM",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"lifespan": 365,
"privacyNoticeRef": "{{privacy_note_id}}",
"status": "PUBLISHED"
}
}
Request Example:
curl -X PUT \
https://alpha-platform.weomni-test.com/cms/api/projects/{projectId}/c/weomni-consent-v1/5e8c9b3958f3bd0001ff7695 \
-H 'Authorization: Bearer {O2O Access Token}' \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache' \
-d '{
"data": {
"purposes": [
"Send SMS",
"Face Recognition"
],
"revision": 0,
"name": "TSM consent",
"application": "TSM",
"descriptionEn": "This is description",
"descriptionTh": "นี่คือรายละเอียด",
"lifespan": 365,
"privacyNoticeRef": "5e8c9b319e95fc0001843c09",
"status": "PUBLISHED"
}
}'
Response Example:
HTTP/1.1 200 OK
Content-Type: application/json
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T15:24:41.377Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T15:24:41.377Z",
"id": "5e8c9b3958f3bd0001ff7695",
"contentType": {
"id": "5e8c874d9e95fc0001843c06",
"name": "weomni-consent-v1",
"alias": "weomni-consent-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"descriptionEn": "This is description",
"application": "TSM",
"descriptionTh": "นี่คือรายละเอียด",
"purposes": [
"Send SMS",
"Face Recognition"
],
"lifespan": 365,
"name": "TSM consent",
"privacyNoticeRef": "5e8c9b319e95fc0001843c09",
"revision": 0,
"status": "PUBLISHED"
}
}
# Create Consent Acceptance
Method: POST
Path: /cms/api/projects/{projId}/c/weomni-consent-acceptance-v1
Description: Create a content of consent acceptance
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Request Body:
| Param | Description | Type | Required |
|---|---|---|---|
| data | The attributes and values of the consent acceptance | Object | Y |
| data.dataSubject | The reference of a person whose personal data is being processed | String | Y |
| data.device | Device that use to accept | String | N |
| data.consentId | The id of consent which is accepted by the data subject | String | Y |
| data.consentApplication | The application which has the consent, it should be the current time stamp | String | Y |
| data.acceptanceDate | The date which consent is accepted | Timestamp | Y |
| data.withdrawalDate | The date which consent is withdrawn | Timestamp | N |
| data.status | The status of the consent acceptance, it can be ACCEPTED or WITHDRAWN | Enum | Y |
| data.purposes | Purposes that user accepted | String[] | Y |
| data.expiredDate | Expire date of this acceptance | Timestamp | Y |
| data.userAgent | Agent that user use when they accecpted | String | Y |
| data.country | Country that user use when they accecpted | String | Y |
| data.localIp | Local IP that user use when they accecpted | String | Y |
| data.osVersion | OS version that user use when they accecpted | String | Y |
| data.model | Model of device that user use when they accecpted | String | Y |
| data.deviceFingerprintId | Fingerprint information that user use when they accecpted | String | Y |
| data.note | Any additional information | String | Y |
Request Body Example:
{
"data": {
"dataSubject": "11000000000",
"consentId": "5e8c877c58f3bd0001ff7692",
"acceptanceDate": "2020-04-07T20:52:10+07:00",
"withdrawalDate": "",
"consentApplication": "TSM",
"status": "ACCEPTED",
"purposes": [
"Send SMS",
"Face Recognition"
],
"expiredDate": "2021-04-07T20:52:10+07:00",
"userAgent": "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"country": "TH",
"localIp": "127.0.0.1",
"osVersion": "Android 10",
"model": "13.3",
"deviceFingerprintId": "774506072891597375",
"note": ""
}
}
Request Example:
curl -X POST \
'http://platform.weomni.com/cms/api/projects/12791v1a6104ka02/c/weomni-consent-acceptance-v1' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer {O2O Access Token}'
-d '{
"data": {
"dataSubject": "11000000000",
"consentId": "5e8c877c58f3bd0001ff7692",
"acceptanceDate": "2020-04-07T20:52:10+07:00",
"withdrawalDate": "",
"consentApplication": "TSM",
"status": "ACCEPTED",
"purposes": [
"Send SMS",
"Face Recognition"
],
"expiredDate": "2021-04-07T20:52:10+07:00",
"userAgent": "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"country": "TH",
"localIp": "127.0.0.1",
"osVersion": "Android 10",
"model": "13.3",
"deviceFingerprintId": "774506072891597375",
"note": ""
}
}'
Response Example:
HTTP/1.1 201 CREATED
Content-Type: application/json
{
"createdBy": "66933520005",
"createdDate": "2020-04-07T14:49:54.333Z",
"lastModifiedBy": "66933520005",
"lastModifiedDate": "2020-04-07T14:49:54.333Z",
"id": "5e8c931258f3bd0001ff7694",
"contentType": {
"id": "5e8c874d58f3bd0001ff7691",
"name": "weomni-consent-acceptance-v1",
"alias": "weomni-consent-acceptance-v1",
"searchEngine": null
},
"projectId": "5ce94f38cd30580001599a19",
"data": {
"acceptanceDate": "2020-04-07T20:52:10+07:00",
"country": "TH",
"note": "",
"dataSubject": "11000000000",
"expiredDate": "2021-04-07T20:52:10+07:00",
"userAgent": "Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915 Firefox/1.0.7",
"consentId": "5e8c877c58f3bd0001ff7692",
"withdrawalDate": "",
"osVersion": "Android 10",
"deviceFingerprintId": "774506072891597375",
"purposes": [
"Send SMS",
"Face Recognition"
],
"localIp": "127.0.0.1",
"model": "13.3",
"consentApplication": "TSM",
"status": "ACCEPTED"
}
}
# Update Consent
Method: PUT
Path: /cms/api/projects/{projId}/c/weomni-consent-acceptance-v1/{contentId}
Description: Update a consent acceptance
Client Scope: -
Authority: -
Request Header:
| Param | Description | Required | Example |
|---|---|---|---|
| Authorization | The OAuth2 authentication with the O2O System | Y | Bearer {O2O Access Token} |
| Content-Type | The MIME type of this content | Y | application/json |
Request Body:
| Param | Description | Type | Required |
|---|---|---|---|
| data | The attributes and desired values of the content. The value of any missing attribute will be replaced by null | Object | Y |
| data.dataSubject | The reference of a person whose personal data is being processed | String | Y |
| data.device | Device that use to accept | String | N |
| data.consentId | The id of consent which is accepted by the data subject | String | Y |
| data.application | The application that provide this consent | String | Y |
| data.acceptanceDate | The date which consent is accepted | Timestamp | Y |
| data.withdrawalDate | The date which consent is withdrawn | Timestamp | N |
| data.status | The status of the consent acceptance, it can be ACCEPTED or WITHDRAWN | Enum | Y |
| data.note | Any additional information | String | Y |
Request Example:
Existing Data:
{
"data": {
"acceptanceDate": "2020-03-12T08:56:45Z",
"dataSubject": "ds-001",
"note":"",
"consentId": "5e6b3b1732e59d000154ecdb",
"withdrawalDate": "",
"application": "Wemall",
"device": "DE-001",
"status": "ACCEPTED"
}
}
Request:
curl -X PUT \
'http://dev-platform.weomni-test.com/cms/api/projects/12791v1a6104ka02/c/weomni-consent-acceptance-v1/124hh901023hs87sj37' \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer {O2O Access Token}'
-d '{
"data": {
"acceptanceDate": "2020-03-12T08:56:45Z",
"dataSubject": "ds-001",
"consentId": "5e6b3b1732e59d000154ecdb",
"withdrawalDate": "2020-12-10T08:00:00Z",
"application": "Wemall",
"device": "DE-001",
"status": "WITHDRAWN"
}
}
Response Example:
HTTP/1.1 200 OK
Content-Type: application/json
{
"id": "124hh901023hs87sj37",
"contentType": {
"id": "5e6236ff40c5f5000107dbf0",
"name": "weomni-consent-acceptance-v1",
"alias": "weomni-consent-acceptance-v1"
},
"projectId": "12791v1a6104ka02",
"data": {
"acceptanceDate": "2020-03-12T08:56:45Z",
"note": "",
"dataSubject": "ds-001",
"consentId": "5e6b3b1732e59d000154ecdb",
"withdrawalDate": "2020-12-10T08:00:00Z",
"application": "Wemall",
"device": "DE-001",
"status": "WITHDRAWN"
}
}