API Quick Start

Full API Swagger docs available here.

📘

If you are new to the platform the Quick Start Guide is a useful resource to understand some of the key customer journeys and how to use the Admin UI.

Authorization

All calls to authenticated platform endpoints must be authorized with a token (JWT). These are obtained from our Auth0 service. The necessary call to Auth0 is configured in our example Postman collection below, or if making the call via another service you can use the below cURL:

curl --location --request POST '{{auth0-domain}}' \
--header 'Content-Type: application/json' \
--data-raw '{
	"client_id":"{{auth0-client-id}}",
	"client_secret":"{{auth0-client-secret}}", 
	"audience":"{{auth0-audience}}", 
	"grant_type":"client_credentials"
}'

The successful generation of JWTs is dependent on the following information being provided:

Variable nameValues
auth0-domainsandbox: https://sandbox-consentric.eu.auth0.com

test: https://test-consentric.eu.auth0.com

production (UK data center): https://consentric.eu.auth0.com

production (EU data center): https://dgconsentde.eu.auth0.com
auth0-client-idSensitive data - please check your welcome email
auth0-client-secretSensitive data - please check your welcome email

Please remember this is secured using a Onetime Secret. The secret link is only active for seven days. The secret link only works once and then disappears forever so you should complete your API set up within 7 days of receiving the email.
auth0-audiencesandbox: https://sandbox-api.consentric.io

test: https://testing-api.consentric.io

production (UK data center): https://api.consentric.io

production (EU data center): https://api.dgconsent.de

Once successfully retrieved, the token should be included as the Authorization header (format = Bearer {{token}}) in subsequent calls to to the platform API.

🚧

Fair Usage Policy

Auth0 JWT generation forms part of our fair usage policy. Please ensure resilient processes are established to avoid any unnecessary generation of large volumes of tokens.

Postman Environment Variables

In order to set up your postman environment we have provided a json file with a list of the environment variables you will need. Postman can be downloaded from https://www.getpostman.com/

The variable values are defaulted to our sandbox environment so you will need to amend the values depending on the environment you are connecting to (e.g. test).

You can save this file and then import into postman and then modify as required. Please see the table below for more details on platform variables:

Variable nameValues
app-idSensitive data - please check your welcome email
api-hostsandbox: https://sandbox-api.consentric.io

test: https://testing-api.consentric.io

production (UK data center): https://api.consentric.io

production (EU data center): https://api.dgconsent.de

API Calls Postman collection

Download Collection json

To support your interaction with the API we have provided a sample Postman collection with all core services and features included. The collection contains the majority of API calls that can be made for the platform, but new functionality is being released all the time so check the full API Swagger docs for new features.

Scopes & Features

Functionality that you can access within the APIs is controlled by scopes & features which are enabled by our Operations team. Sandboxes are set as default up to have all key features enabled (once they are out of development), but your Production environment may not have these depending on the product package you use. If you do not have access to features you expect, please contact our Support Team.

Data Model Overview

The Data Model section will provide context to how the DataGuard API interacts with the information you upload into DataGuard.

If you do need further information please contact our Support Team via our support button.