If users must provide one or more consent before they can be allowed to login to your site or app, you should consider enabling the Consents authorization rule.
Enabling the Consents authorization rule means that when a user submits the login form, Hosted Login will check their profile for specified consents and, if any are not granted, the user will be prompted and required to grant them before continuing.
To enable this authorization rule, you must add or update the following setting in the Identity Cloud Console:
This setting is not configured by default. You can add it to Global Settings if you want the rule to apply to all digital properties, or you can add it to a specific Property to apply it to just that site or app.
The value of this setting is a JSON-formatted array of consents. Each consent in the array is identified by the name of the consent - the object attribute name - within the
consents object in the schema.
For example, the setting value to enable the authorization rule for the default marketing consent is:
An example value to enable this rule for multiple consents is:
If you are testing this functionality with just the default marketing consent, then all you need to do is configure the
authorization.rules.consents setting properly and Hosted Login is built to handle the rest.
However, if you’d like to enable this authorization rule for any other consent, you’ll need to take a couple of additional steps as outlined below.
The authRuleConsentsForm is the form that is displayed to the user when they need to provide a required consent (triggered by the Consents authorization rule).
By default, this form contains one consent - the
If you’d like to add other consents to this form and/or remove the
marketingConsent field, you can do this in the Identity Cloud Console:
authRuleConsentsForm. By default, forms are listed in alphabetical order by Form Name.
Note that you must create any consent fields you need before they will appear in this list. To create custom consents, see Add more opts.
marketingConsentfield (or any other fields you’ve added) from the form, click the icon in the far right column for that field.
NOTE: By default, you have a Global Setting called default_flow_version which is set to
HEAD. This allows changes to the flow configuration - like this form change - to be published to Hosted Login screens immediately.
If default_flow_version is set to a specific flow version (example:
20200324202112729271), you will need to update it to the new version in order to publish this change. You can find the latest flow version on the REGISTRATION BUILDER home page in Console.
If you’d like to customize the text displayed on this screen, see Text.
You should now have the following configured:
authorization.rules.consentssetting configured to trigger based on one or more consents you require
authRuleConsentsFormconfigured to display the consent(s) you require
However, Hosted Login is built to write consent data based only on the
marketingConsent by default. In order for the correct data to be written to the user record when the
authRuleConsentsForm is submitted, this hidden logic must be revised to match your new configurations.
For this, please reach out to your Akamai Identity Cloud representative. The logic that tells Hosted Login what to write into the user record, and when to write it, can be modified by the Akamai Identity Cloud Professional Services team to support your specific needs.