8 Service APIs

This section provides a reference for APIs that should be implemented by this Building Block.

8 Service APIs

This section provides a reference for APIs that should be implemented by this Building Block. The APIs defined here establish a blueprint for how the Building Block will interact with other Building Blocks. Additional APIs may be implemented by the Building Block, but the listed APIs define a minimal set of functionality that should be provided by any implementation of this Building Block.

The GovStack non-functional requirements document provides additional information on how 'adaptors' may be used to translate an existing API to the patterns described here. This section also provides guidance on how candidate products are tested and how GovStack validates a product's API against the API specifications defined here.

The tests for the Consent Building Block can be found in this GitHub repository.

8.1 API specification

The following is an automated rendition of the OpenAPI YAML specification contained in this release.

You can see the latest unreleased version of the OpenAPI specification in the main branch of our GitHub repository.

8.1.1 Config APIs

CREATE - Creates a new Policy object and returns the new object and a PolicyRevision

CREATE - Creates a new Policy object and returns the new object and a PolicyRevision

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/

Authorization

OAuth2

Body

application/json

policy*Policy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

Response

200400

A set consisting of the new Policy object created, together with the initial Revision object.

Body

application/json

policyPolicy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "policy": {
    "id": "text",
    "name": "text",
    "version": "text",
    "url": "text",
    "jurisdiction": "text",
    "industrySector": "text",
    "geographicRestriction": "text",
    "storageLocation": "text"
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

READ - get a Policy object + latest Revisio

READ - get a Policy object + latest Revisio

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/

Authorization

OAuth2

Path parameters

policyId*string

Unique ID of an object

Query parameters

Response

200400

Body

application/json

policyPolicy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "policy": {
    "id": "text",
    "name": "text",
    "version": "text",
    "url": "text",
    "jurisdiction": "text",
    "industrySector": "text",
    "geographicRestriction": "text",
    "storageLocation": "text"
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

UPDATE - Updates an existing Policy object, returning the updated version and a new revision. Updating a Policy must not affect existing active references in DataAgreement, the new Revision should be specified for Agreement.

UPDATE - Updates an existing Policy object, returning the updated version and a new revision. Updating a Policy must not affect existing active references in DataAgreement, the new Revision should be specified for Agreement.

PUThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/

Authorization

OAuth2

Path parameters

policyId*string

Unique ID of an object

Body

application/json

policy*Policy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

Response

200400

Body

application/json

policyPolicy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "policy": {
    "id": "text",
    "name": "text",
    "version": "text",
    "url": "text",
    "jurisdiction": "text",
    "industrySector": "text",
    "geographicRestriction": "text",
    "storageLocation": "text"
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

DELETE - Deletes an existing Policy object, returning a new revision. Deleting a Policy is not possible if it's associated with active DataAgreement.

DELETE - Deletes an existing Policy object, returning a new revision. Deleting a Policy is not possible if it's associated with active DataAgreement.

DELETEhttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/

Authorization

OAuth2

Path parameters

policyId*string

Unique ID of an object

Response

200400

Body

application/json

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

Response

{
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

LIST - returns the current Policy

LIST - returns the current Policy

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/revisions/

Authorization

OAuth2

Path parameters

policyId*string

Unique ID of an object

Query parameters

Response

200400

Body

application/json

policyPolicy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policy/{policyId}/revisions/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "policy": {
    "id": "text",
    "name": "text",
    "version": "text",
    "url": "text",
    "jurisdiction": "text",
    "industrySector": "text",
    "geographicRestriction": "text",
    "storageLocation": "text"
  }
}

Returns a list of readable Policy objects

LIST - Fetches list of readable Policy objects

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policies/

Authorization

OAuth2

Query parameters

Response

200400

A list of Policy objects readable for the current session's credentials.

Body

application/json

policiesarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/policies/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "policies": [
    {
      "id": "text",
      "name": "text",
      "version": "text",
      "url": "text",
      "jurisdiction": "text",
      "industrySector": "text",
      "geographicRestriction": "text",
      "storageLocation": "text"
    }
  ]
}

READ - fetches the latest version of an Agreement

READ - fetches the latest version of an Agreement

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Response

200400

Body

application/json

dataAgreementDataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/{dataAgreementId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "dataAgreement": {
    "id": "text",
    "version": "text",
    "controller": {
      "id": "text",
      "name": "text",
      "url": "text"
    },
    "policy": {
      "id": "text",
      "name": "text",
      "version": "text",
      "url": "text",
      "jurisdiction": "text",
      "industrySector": "text",
      "geographicRestriction": "text",
      "storageLocation": "text"
    },
    "purpose": "text",
    "lawfulBasis": "text",
    "dataUse": "text",
    "dpia": "text",
    "active": false,
    "forgettable": false,
    "lifecycle": {
      "id": "text",
      "name": "text"
    },
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

UPDATE - An existing DataAgreement object is created and returned together with a new Revision

UPDATE - An existing DataAgreement object is created and returned together with a new Revision

PUThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Body

application/json

dataAgreement*DataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

Response

200400

Body

application/json

dataAgreementDataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/{dataAgreementId}/', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "dataAgreement": {
        "id": "text",
        "version": "text",
        "purpose": "text",
        "lawfulBasis": "text",
        "dpia": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "dataAgreement": {
    "id": "text",
    "version": "text",
    "controller": {
      "id": "text",
      "name": "text",
      "url": "text"
    },
    "policy": {
      "id": "text",
      "name": "text",
      "version": "text",
      "url": "text",
      "jurisdiction": "text",
      "industrySector": "text",
      "geographicRestriction": "text",
      "storageLocation": "text"
    },
    "purpose": "text",
    "lawfulBasis": "text",
    "dataUse": "text",
    "dpia": "text",
    "active": false,
    "forgettable": false,
    "lifecycle": {
      "id": "text",
      "name": "text"
    },
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

DELETEhttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Response

200400

Body

application/json

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/{dataAgreementId}/', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

Response

{
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

CREATE - A new DataAgreement object is created and returned together with a Revision

CREATE - A new DataAgreement object is created and returned together with a Revision

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/

Authorization

OAuth2

Body

application/json

dataAgreement*DataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

Response

200400

Body

application/json

dataAgreementDataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreement/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "dataAgreement": {
        "id": "text",
        "version": "text",
        "purpose": "text",
        "lawfulBasis": "text",
        "dpia": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "dataAgreement": {
    "id": "text",
    "version": "text",
    "controller": {
      "id": "text",
      "name": "text",
      "url": "text"
    },
    "policy": {
      "id": "text",
      "name": "text",
      "version": "text",
      "url": "text",
      "jurisdiction": "text",
      "industrySector": "text",
      "geographicRestriction": "text",
      "storageLocation": "text"
    },
    "purpose": "text",
    "lawfulBasis": "text",
    "dataUse": "text",
    "dpia": "text",
    "active": false,
    "forgettable": false,
    "lifecycle": {
      "id": "text",
      "name": "text"
    },
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

LIST - fetch all DataAgreements

LIST - fetch all DataAgreements

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreements/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

dataAgreementarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/data-agreements/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "dataAgreement": [
    {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

CREATE - Creates an Individual in the Consent system

CREATE - Creates an Individual in the Consent system

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/individual/

Authorization

OAuth2

Body

application/json

individual*Individual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Response

200400

Body

application/json

individualIndividual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/individual/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "individual": {
        "id": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "individual": {
    "id": "text",
    "externalId": "text",
    "externalIdType": "text",
    "identityProviderId": "text"
  }
}

READ - Fetch an Individual in the Consent system

READ - Fetch an Individual in the Consent system

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/individual/{individualId}/

Authorization

OAuth2

Path parameters

individualId*string

Unique ID of an object

Response

200400

Body

application/json

individualIndividual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/individual/{individualId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "individual": {
    "id": "text",
    "externalId": "text",
    "externalIdType": "text",
    "identityProviderId": "text"
  }
}

LIST - lists individuals in the system

LIST - lists individuals in the system

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/individuals/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

individualsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/individuals/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "individuals": [
    {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    }
  ]
}

CREATE - Creates a new Webhook object and returns the new object

CREATE - Creates a new Webhook object and returns the new object

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/

Authorization

OAuth2

Body

application/json

webhook*Webhook (object)

Generic webhooks used to store subscriptions of third-parties that are notified by events.

Response

200400

A set consisting of the new Webhook object created, together with the initial Revision object.

Body

application/json

webhookWebhook (object)

Generic webhooks used to store subscriptions of third-parties that are notified by events.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "webhook": {
        "id": "text",
        "payloadUrl": "text",
        "contentType": "text",
        "disabled": false,
        "secretKey": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "webhook": {
    "id": "text",
    "payloadUrl": "text",
    "contentType": "text",
    "disabled": false,
    "secretKey": "text"
  }
}

READ - get a Webhook object.

READ - get a Webhook object.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/{webhookId}/

Authorization

OAuth2

Path parameters

webhookId*string

Unique ID of an object

Query parameters

Response

200400

Body

application/json

webhookWebhook (object)

Generic webhooks used to store subscriptions of third-parties that are notified by events.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/{webhookId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "webhook": {
    "id": "text",
    "payloadUrl": "text",
    "contentType": "text",
    "disabled": false,
    "secretKey": "text"
  }
}

UPDATE - Updates an existing Webhook object, returning the updated version.

UPDATE - Updates an existing Webhook object, returning the updated version.

PUThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/{webhookId}/

Authorization

OAuth2

Path parameters

webhookId*string

Unique ID of an object

Body

application/json

webhook*Webhook (object)

Generic webhooks used to store subscriptions of third-parties that are notified by events.

Response

200400

Body

application/json

webhookWebhook (object)

Generic webhooks used to store subscriptions of third-parties that are notified by events.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/{webhookId}/', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "webhook": {
        "id": "text",
        "payloadUrl": "text",
        "contentType": "text",
        "disabled": false,
        "secretKey": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "webhook": {
    "id": "text",
    "payloadUrl": "text",
    "contentType": "text",
    "disabled": false,
    "secretKey": "text"
  }
}

DELETE - Deletes an existing Webhook object.

DELETE - Deletes an existing Webhook object.

DELETEhttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/{webhookId}/

Authorization

OAuth2

Path parameters

webhookId*string

Unique ID of an object

Response

200400

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhook/{webhookId}/', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

Returns a list of readable Webhook objects

LIST - Fetches list of readable Webhook objects

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhooks/

Authorization

OAuth2

Query parameters

Response

200400

A list of Webhook objects readable for the current session's credentials.

Body

application/json

webhooksarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//config/webhooks/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "webhooks": [
    {
      "id": "text",
      "payloadUrl": "text",
      "contentType": "text",
      "disabled": false,
      "secretKey": "text"
    }
  ]
}

8.1.2 Service APIs

CREATE - Creates an Individual in the Consent system

CREATE - Creates an Individual in the Consent system

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/

Authorization

OAuth2

Body

application/json

individual*Individual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Response

200400

Body

application/json

individualIndividual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "individual": {
        "id": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "individual": {
    "id": "text",
    "externalId": "text",
    "externalIdType": "text",
    "identityProviderId": "text"
  }
}

READ - Fetch an Individual in the Consent system

READ - Fetch an Individual in the Consent system

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/{individualId}/

Authorization

OAuth2

Path parameters

individualId*string

Unique ID of an object

Response

200400

Body

application/json

individualIndividual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/{individualId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "individual": {
    "id": "text",
    "externalId": "text",
    "externalIdType": "text",
    "identityProviderId": "text"
  }
}

UPDATE - Updates an Individual in the Consent system

UPDATE - Updates an Individual in the Consent system

PUThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/{individualId}/

Authorization

OAuth2

Path parameters

individualId*string

Unique ID of an object

Body

application/json

individual*Individual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Response

200400

Body

application/json

individualIndividual (object)

Shallowly models an Individual which may reference some instance in an external system (registration system, functional ID, foundational ID etc). An Individual instance of this model is not to be mistaken with a unique natural individual. It is up to the system owner to decide if this record permits mapping to a natural individual and/or if a single Individual row can map to several consent records.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/{individualId}/', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "individual": {
        "id": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "individual": {
    "id": "text",
    "externalId": "text",
    "externalIdType": "text",
    "identityProviderId": "text"
  }
}

LIST - lists individuals in the system

LIST - lists individuals in the system

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individuals/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

individualsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individuals/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "individuals": [
    {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    }
  ]
}

READ - fetches the latest version of an Agreement

READ - fetches the latest version of an Agreement

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Response

200400

Body

application/json

dataAgreementDataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/data-agreement/{dataAgreementId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "dataAgreement": {
    "id": "text",
    "version": "text",
    "controller": {
      "id": "text",
      "name": "text",
      "url": "text"
    },
    "policy": {
      "id": "text",
      "name": "text",
      "version": "text",
      "url": "text",
      "jurisdiction": "text",
      "industrySector": "text",
      "geographicRestriction": "text",
      "storageLocation": "text"
    },
    "purpose": "text",
    "lawfulBasis": "text",
    "dataUse": "text",
    "dpia": "text",
    "active": false,
    "forgettable": false,
    "lifecycle": {
      "id": "text",
      "name": "text"
    },
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

READ - fetches the latest version of a Policy and the presented revisionId of an associated Agreement

READ - fetches the latest version of a Policy and the presented revisionId of an associated Agreement

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/policy/{policyId}/

Authorization

OAuth2

Path parameters

policyId*string

Unique ID of an object

Query parameters

Response

200400

Body

application/json

policyPolicy (object)

A policy governs Data Agreements in the realm of an organisation that is often referred to as "data controller" (GDPR) and owner of referencing Data Agreements.

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/policy/{policyId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "policy": {
    "id": "text",
    "name": "text",
    "version": "text",
    "url": "text",
    "jurisdiction": "text",
    "industrySector": "text",
    "geographicRestriction": "text",
    "storageLocation": "text"
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

LIST - Fetch

LIST - Fetch

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/verification/data-agreements/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

dataAgreementsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/verification/data-agreements/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "dataAgreements": [
    {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

LIST - Fetch consent records (latest revision). For a given ConsentRecordFilter, query if consent exists.

LIST - Fetch consent records (latest revision). For a given ConsentRecordFilter, query if consent exists.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/verification/consent-records/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

consentRecordsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/verification/consent-records/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecords": [
    {
      "id": "text",
      "dataAgreement": {
        "id": "text",
        "version": "text",
        "controller": {
          "id": "text",
          "name": "text",
          "url": "text"
        },
        "policy": {
          "id": "text",
          "name": "text",
          "version": "text",
          "url": "text",
          "jurisdiction": "text",
          "industrySector": "text",
          "geographicRestriction": "text",
          "storageLocation": "text"
        },
        "purpose": "text",
        "lawfulBasis": "text",
        "dataUse": "text",
        "dpia": "text",
        "active": false,
        "forgettable": false,
        "lifecycle": {
          "id": "text",
          "name": "text"
        },
        "signature": {
          "id": "text",
          "payload": "text",
          "signature": "text",
          "verificationMethod": "text",
          "verificationPayload": "text",
          "verificationPayloadHash": "text",
          "verificationArtifact": "text",
          "verificationSignedBy": "text",
          "verificationSignedAs": "text",
          "verificationJwsHeader": "text",
          "timestamp": "text",
          "signedWithoutObjectReference": false,
          "objectType": "text",
          "objectReference": "text"
        }
      },
      "dataAgreementRevision": {
        "id": "text",
        "schemaName": "text",
        "objectId": "text",
        "signedWithoutObjectId": false,
        "serializedSnapshot": "text",
        "serializedHash": "text",
        "timestamp": "text",
        "authorizedByIndividual": {
          "id": "text",
          "externalId": "text",
          "externalIdType": "text",
          "identityProviderId": "text"
        },
        "authorizedByOther": "text",
        "predecessorHash": "text",
        "predecessorSignature": "text"
      },
      "dataAgreementRevisionHash": "text",
      "individual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "optIn": false,
      "state": "text",
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

READ - Reads a consent record by its ID.

READ - Reads a consent record by its ID.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/verification/consent-record/{consentRecordId}/

Authorization

OAuth2

Path parameters

consentRecordId*string

Unique ID of an object

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/verification/consent-record/{consentRecordId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

CREATE - For a particular Individual and a particular Agreement, create a new Consent Record pointing to the current Revision of a given Agreement. Individual ID supplied as HTTP header.

CREATE - For a particular Individual and a particular Agreement, create a new Consent Record pointing to the current Revision of a given Agreement. Individual ID supplied as HTTP header.

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Query parameters

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/data-agreement/{dataAgreementId}/', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

READ - Individual ID supplied as HTTP header. Fetches the current ConsentRecord for an Agreement. There should be one unambiguous ConsentRecord for an Individual and an Agreement.

READ - Individual ID supplied as HTTP header. Fetches the current ConsentRecord for an Agreement. There should be one unambiguous ConsentRecord for an Individual and an Agreement.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/data-agreement/{dataAgreementId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  }
}

CREATE - Gets a DRAFT (unsaved) ConsentRecord and Signature objects (without a PK) for a given dataAgreementId.

CREATE - Gets a DRAFT (unsaved) ConsentRecord and Signature objects (without a PK) for a given dataAgreementId.

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/draft/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

signatureSignature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/draft/', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "signature": {
    "id": "text",
    "payload": "text",
    "signature": "text",
    "verificationMethod": "text",
    "verificationPayload": "text",
    "verificationPayloadHash": "text",
    "verificationArtifact": "text",
    "verificationSignedBy": "text",
    "verificationSignedAs": "text",
    "verificationJwsHeader": "text",
    "timestamp": "text",
    "signedWithoutObjectReference": false,
    "objectType": "text",
    "objectReference": "text"
  }
}

CREATE - Creates a paired ConsentRecord and Signature object. Returns the same objects with the PK defined.

CREATE - Creates a paired ConsentRecord and Signature object. Returns the same objects with the PK defined.

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/

Authorization

OAuth2

Body

application/json

consentRecord*ConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

signature*Signature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

signatureSignature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "consentRecord": {
        "id": "text",
        "dataAgreementRevisionHash": "text",
        "state": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationSignedBy": "text",
        "timestamp": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  },
  "signature": {
    "id": "text",
    "payload": "text",
    "signature": "text",
    "verificationMethod": "text",
    "verificationPayload": "text",
    "verificationPayloadHash": "text",
    "verificationArtifact": "text",
    "verificationSignedBy": "text",
    "verificationSignedAs": "text",
    "verificationJwsHeader": "text",
    "timestamp": "text",
    "signedWithoutObjectReference": false,
    "objectType": "text",
    "objectReference": "text"
  }
}

LIST - Fetches all current unambiguous consent records stored for Individual ID. Individual ID supplied as HTTP header.

LIST - Fetches all current unambiguous consent records stored for Individual ID. Individual ID supplied as HTTP header.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

consentRecordsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecords": [
    {
      "id": "text",
      "dataAgreement": {
        "id": "text",
        "version": "text",
        "controller": {
          "id": "text",
          "name": "text",
          "url": "text"
        },
        "policy": {
          "id": "text",
          "name": "text",
          "version": "text",
          "url": "text",
          "jurisdiction": "text",
          "industrySector": "text",
          "geographicRestriction": "text",
          "storageLocation": "text"
        },
        "purpose": "text",
        "lawfulBasis": "text",
        "dataUse": "text",
        "dpia": "text",
        "active": false,
        "forgettable": false,
        "lifecycle": {
          "id": "text",
          "name": "text"
        },
        "signature": {
          "id": "text",
          "payload": "text",
          "signature": "text",
          "verificationMethod": "text",
          "verificationPayload": "text",
          "verificationPayloadHash": "text",
          "verificationArtifact": "text",
          "verificationSignedBy": "text",
          "verificationSignedAs": "text",
          "verificationJwsHeader": "text",
          "timestamp": "text",
          "signedWithoutObjectReference": false,
          "objectType": "text",
          "objectReference": "text"
        }
      },
      "dataAgreementRevision": {
        "id": "text",
        "schemaName": "text",
        "objectId": "text",
        "signedWithoutObjectId": false,
        "serializedSnapshot": "text",
        "serializedHash": "text",
        "timestamp": "text",
        "authorizedByIndividual": {
          "id": "text",
          "externalId": "text",
          "externalIdType": "text",
          "identityProviderId": "text"
        },
        "authorizedByOther": "text",
        "predecessorHash": "text",
        "predecessorSignature": "text"
      },
      "dataAgreementRevisionHash": "text",
      "individual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "optIn": false,
      "state": "text",
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

UPDATE* - Update a particular Consent Record, generating a new Revision object. Individual ID supplied as HTTP header. Note that updating a signed Consent Record invalidates its signature. Field set subject to update is restricted.

UPDATE* - Update a particular Consent Record, generating a new Revision object. Individual ID supplied as HTTP header. Note that updating a signed Consent Record invalidates its signature. Field set subject to update is restricted.

PUThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/{consentRecordId}/

Authorization

OAuth2

Path parameters

consentRecordId*string

Unique ID of an object

Body

application/json

consentRecord*ConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

revisionRevision (object)

A generic revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.

Aside from "successor" column, a revision should be considered locked.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/{consentRecordId}/', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "consentRecord": {
        "id": "text",
        "dataAgreementRevisionHash": "text",
        "state": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  },
  "revision": {
    "id": "text",
    "schemaName": "text",
    "objectId": "text",
    "signedWithoutObjectId": false,
    "serializedSnapshot": "text",
    "serializedHash": "text",
    "timestamp": "text",
    "authorizedByIndividual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "authorizedByOther": "text",
    "predecessorHash": "text",
    "predecessorSignature": "text"
  }
}

CREATE - Creates and returns a Signature object for the Consent Record with a payload ready for signing. Signature object fieldset is restricted.

CREATE - Creates and returns a Signature object for the Consent Record with a payload ready for signing. Signature object fieldset is restricted.

POSThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/{consentRecordId}/signature/

Authorization

OAuth2

Path parameters

consentRecordId*string

Unique ID of an object

Body

application/json

signature*Signature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Response

200400

Body

application/json

signatureSignature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/{consentRecordId}/signature/', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationSignedBy": "text",
        "timestamp": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "signature": {
    "id": "text",
    "payload": "text",
    "signature": "text",
    "verificationMethod": "text",
    "verificationPayload": "text",
    "verificationPayloadHash": "text",
    "verificationArtifact": "text",
    "verificationSignedBy": "text",
    "verificationSignedAs": "text",
    "verificationJwsHeader": "text",
    "timestamp": "text",
    "signedWithoutObjectReference": false,
    "objectType": "text",
    "objectReference": "text"
  }
}

UPDATE - Updates a Signature object for a Consent Record. This is used to add a signature to an existing unsigned Signature object. Consent BB is responsible for updating the Consent Record state. Signature object fieldset is restricted.

UPDATE - Updates a Signature object for a Consent Record. This is used to add a signature to an existing unsigned Signature object. Consent BB is responsible for updating the Consent Record state. Signature object fieldset is restricted.

PUThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/{consentRecordId}/signature/

Authorization

OAuth2

Path parameters

consentRecordId*string

Unique ID of an object

Body

application/json

signature*Signature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Response

200400

Body

application/json

signatureSignature (object)

A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/consent-record/{consentRecordId}/signature/', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationSignedBy": "text",
        "timestamp": "text"
      }
    }),
});
const data = await response.json();

Response

{
  "signature": {
    "id": "text",
    "payload": "text",
    "signature": "text",
    "verificationMethod": "text",
    "verificationPayload": "text",
    "verificationPayloadHash": "text",
    "verificationArtifact": "text",
    "verificationSignedBy": "text",
    "verificationSignedAs": "text",
    "verificationJwsHeader": "text",
    "timestamp": "text",
    "signedWithoutObjectReference": false,
    "objectType": "text",
    "objectReference": "text"
  }
}

LIST - Fetches all consent records given to a particular agreement. Individual ID supplied as HTTP header.

LIST - Fetches all consent records given to a particular agreement. Individual ID supplied as HTTP header.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/data-agreement/{dataAgreementId}/all/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Query parameters

Response

200400

Body

application/json

consentRecordsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/data-agreement/{dataAgreementId}/all/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecords": [
    {
      "id": "text",
      "dataAgreement": {
        "id": "text",
        "version": "text",
        "controller": {
          "id": "text",
          "name": "text",
          "url": "text"
        },
        "policy": {
          "id": "text",
          "name": "text",
          "version": "text",
          "url": "text",
          "jurisdiction": "text",
          "industrySector": "text",
          "geographicRestriction": "text",
          "storageLocation": "text"
        },
        "purpose": "text",
        "lawfulBasis": "text",
        "dataUse": "text",
        "dpia": "text",
        "active": false,
        "forgettable": false,
        "lifecycle": {
          "id": "text",
          "name": "text"
        },
        "signature": {
          "id": "text",
          "payload": "text",
          "signature": "text",
          "verificationMethod": "text",
          "verificationPayload": "text",
          "verificationPayloadHash": "text",
          "verificationArtifact": "text",
          "verificationSignedBy": "text",
          "verificationSignedAs": "text",
          "verificationJwsHeader": "text",
          "timestamp": "text",
          "signedWithoutObjectReference": false,
          "objectType": "text",
          "objectReference": "text"
        }
      },
      "dataAgreementRevision": {
        "id": "text",
        "schemaName": "text",
        "objectId": "text",
        "signedWithoutObjectId": false,
        "serializedSnapshot": "text",
        "serializedHash": "text",
        "timestamp": "text",
        "authorizedByIndividual": {
          "id": "text",
          "externalId": "text",
          "externalIdType": "text",
          "identityProviderId": "text"
        },
        "authorizedByOther": "text",
        "predecessorHash": "text",
        "predecessorSignature": "text"
      },
      "dataAgreementRevisionHash": "text",
      "individual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "optIn": false,
      "state": "text",
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

DELETE - Cascading delete operation for Right To Be Forgotten, deletes all Consent Records that shall not be retained and have a "forgettable" Agreement. May also delete an unsigned Consent Record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header.

DELETE - Cascading delete operation for Right To Be Forgotten, deletes all Consent Records that shall not be retained and have a "forgettable" Agreement. May also delete an unsigned Consent Record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header.

DELETEhttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/

Authorization

OAuth2

Response

200400

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//service/individual/record/', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

8.1.3 Audit APIs

LIST - fetch ConsentRecord objects

LIST - fetch ConsentRecord objects

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/consent-records/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

consentRecordsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/consent-records/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecords": [
    {
      "id": "text",
      "dataAgreement": {
        "id": "text",
        "version": "text",
        "controller": {
          "id": "text",
          "name": "text",
          "url": "text"
        },
        "policy": {
          "id": "text",
          "name": "text",
          "version": "text",
          "url": "text",
          "jurisdiction": "text",
          "industrySector": "text",
          "geographicRestriction": "text",
          "storageLocation": "text"
        },
        "purpose": "text",
        "lawfulBasis": "text",
        "dataUse": "text",
        "dpia": "text",
        "active": false,
        "forgettable": false,
        "lifecycle": {
          "id": "text",
          "name": "text"
        },
        "signature": {
          "id": "text",
          "payload": "text",
          "signature": "text",
          "verificationMethod": "text",
          "verificationPayload": "text",
          "verificationPayloadHash": "text",
          "verificationArtifact": "text",
          "verificationSignedBy": "text",
          "verificationSignedAs": "text",
          "verificationJwsHeader": "text",
          "timestamp": "text",
          "signedWithoutObjectReference": false,
          "objectType": "text",
          "objectReference": "text"
        }
      },
      "dataAgreementRevision": {
        "id": "text",
        "schemaName": "text",
        "objectId": "text",
        "signedWithoutObjectId": false,
        "serializedSnapshot": "text",
        "serializedHash": "text",
        "timestamp": "text",
        "authorizedByIndividual": {
          "id": "text",
          "externalId": "text",
          "externalIdType": "text",
          "identityProviderId": "text"
        },
        "authorizedByOther": "text",
        "predecessorHash": "text",
        "predecessorSignature": "text"
      },
      "dataAgreementRevisionHash": "text",
      "individual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "optIn": false,
      "state": "text",
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

READ

READ

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/consent-record/{consentRecordId}/

Authorization

OAuth2

Path parameters

consentRecordId*string

Unique ID of an object

Response

200400

Body

application/json

consentRecordConsentRecord (object)

A Consent Record expresses consent (as defined in this building block's specification) to a single Data Agreement. There must be a UNIQUE constraint on (dataAgreementRevision, individual)

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/consent-record/{consentRecordId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "consentRecord": {
    "id": "text",
    "dataAgreement": {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    },
    "dataAgreementRevision": {
      "id": "text",
      "schemaName": "text",
      "objectId": "text",
      "signedWithoutObjectId": false,
      "serializedSnapshot": "text",
      "serializedHash": "text",
      "timestamp": "text",
      "authorizedByIndividual": {
        "id": "text",
        "externalId": "text",
        "externalIdType": "text",
        "identityProviderId": "text"
      },
      "authorizedByOther": "text",
      "predecessorHash": "text",
      "predecessorSignature": "text"
    },
    "dataAgreementRevisionHash": "text",
    "individual": {
      "id": "text",
      "externalId": "text",
      "externalIdType": "text",
      "identityProviderId": "text"
    },
    "optIn": false,
    "state": "text",
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  }
}

LIST - fetch all Agreements stored in the system.

LIST - fetch all Agreements stored in the system.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/data-agreements/

Authorization

OAuth2

Query parameters

Response

200400

Body

application/json

dataAgreementsarray of one of

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/data-agreements/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "dataAgreements": [
    {
      "id": "text",
      "version": "text",
      "controller": {
        "id": "text",
        "name": "text",
        "url": "text"
      },
      "policy": {
        "id": "text",
        "name": "text",
        "version": "text",
        "url": "text",
        "jurisdiction": "text",
        "industrySector": "text",
        "geographicRestriction": "text",
        "storageLocation": "text"
      },
      "purpose": "text",
      "lawfulBasis": "text",
      "dataUse": "text",
      "dpia": "text",
      "active": false,
      "forgettable": false,
      "lifecycle": {
        "id": "text",
        "name": "text"
      },
      "signature": {
        "id": "text",
        "payload": "text",
        "signature": "text",
        "verificationMethod": "text",
        "verificationPayload": "text",
        "verificationPayloadHash": "text",
        "verificationArtifact": "text",
        "verificationSignedBy": "text",
        "verificationSignedAs": "text",
        "verificationJwsHeader": "text",
        "timestamp": "text",
        "signedWithoutObjectReference": false,
        "objectType": "text",
        "objectReference": "text"
      }
    }
  ]
}

READ - fetch a single Agreement.

READ - fetch a single Agreement.

GEThttps://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/data-agreement/{dataAgreementId}/

Authorization

OAuth2

Path parameters

dataAgreementId*string

Unique ID of an object

Response

200400

Body

application/json

dataAgreementDataAgreement (object)

A Data Agreement contains the specification of a single purpose that can be consented to. A Data Agreement is universal and can be consented to by many individuals through a ConsentRecord. A Data Agreement implements a specific type of agreement related to personal data, modeled by DataAgreementAttribute. There may be other types of agreements modeled in future Consent BB releases. Notice that when creating a serialized snapshop for revisioning a Data Agreement, all related objects have to be serialized and included.

Request

JavaScriptCurl

const response = await fetch('https://app.swaggerhub.com/apis/GovStack/consent-management-bb//audit/data-agreement/{dataAgreementId}/', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "dataAgreement": {
    "id": "text",
    "version": "text",
    "controller": {
      "id": "text",
      "name": "text",
      "url": "text"
    },
    "policy": {
      "id": "text",
      "name": "text",
      "version": "text",
      "url": "text",
      "jurisdiction": "text",
      "industrySector": "text",
      "geographicRestriction": "text",
      "storageLocation": "text"
    },
    "purpose": "text",
    "lawfulBasis": "text",
    "dataUse": "text",
    "dpia": "text",
    "active": false,
    "forgettable": false,
    "lifecycle": {
      "id": "text",
      "name": "text"
    },
    "signature": {
      "id": "text",
      "payload": "text",
      "signature": "text",
      "verificationMethod": "text",
      "verificationPayload": "text",
      "verificationPayloadHash": "text",
      "verificationArtifact": "text",
      "verificationSignedBy": "text",
      "verificationSignedAs": "text",
      "verificationJwsHeader": "text",
      "timestamp": "text",
      "signedWithoutObjectReference": false,
      "objectType": "text",
      "objectReference": "text"
    }
  }
}