Consent automation
This document provides an overview of the consent automation feature of Fides. Learn more in the following sections:
- Introduction to consent automation
- How consent automation works
- Configuring consent automation
- Integration guides
Prerequisites
For this tutorial you will need:
- A Fides Cloud or Fides Enterprise account.
Introduction to consent automation
Consent automation, also known as bidirectional consent, is a feature of Fides that acts as a centralized system of record for all consent and privacy preferences. It serves as a universal translator between Fides' standardized privacy concepts and the specific requirements of various third-party consent management systems. This automation enables two crucial functions:
- Outbound consent propagation: Any consent preference saved directly in Fides can be automatically propagated to all connected third-party APIs that support consent management.
- Inbound consent synchronization (Consent webhooks): Changes to consent preferences made in third-party systems can be posted to Fides, processed, and propagated. Ensuring all connected systems remain up-to-date.
The extent of consent automation functionality in Fides is dependent on the capabilities of the connected consent management APIs. For example:
- Consent APIs must be able to list their "consentable items" (such as channels or mailing lists) for Fides to be able to map privacy notices to specific items.
- Consent webhooks are only supported for APIs that provide webhooks capable of posting consent updates to Fides.
How consent automation works
Consent automation in Fides works by acting as a translator between Fides' standardized privacy concepts and the specific requirements of various third-party systems. This process involves three key steps:
- Standardization: Fides uses internal concepts of privacy notices and privacy preferences (such as opt-in and opt-out) as standardized way to represent general consent preferences.
- Mapping: These standardized concepts are then mapped to the specific consentable items (such as channels, subscriptions, or mailing lists) used by different third-party systems. This allows Fides to translate privacy preferences into the specific consent models of each integrated system.
- Conversion: Fides converts its standardized data to and from the consent models used by each integrated system.
Here's an example of how general Fides concepts map to a 3rd-party system to illustrate this process:
| Fides terminology | 3rd-party system |
|---|---|
| Marketing privacy notice | Email Marketing Channel and Push Marketing Channel |
| Opt-in consent preference | Subscribed |
| Opt-out consent preference | Unsubscribed |
In this example:
Fides uses a single Marketing privacy notice to represent consent for marketing communications. The third-party system separates this into two distinct channels: Email Marketing and Push Marketing. Each channel represents a "consentable item" in this system, it could be subscriptions or mailing lists for other systems.
When a user gives consent (opt-in) in Fides:
- Fides maps this consent to the relevant consentable items in the third-party system. In this example, the third-party system sets both the Email Marketing and Push Marketing channels to
Subscribed.
When a user revokes consent (opt-out) in Fides:
- In this example, the third-party system sets both the Email Marketing and Push Marketing channels to
Unsubscribed.
Conversely, if the third-party system reports an Unsubscribed status for either channel via consent webhook:
- Fides interprets this as an "opt-out" for the Marketing privacy notice. The preference is stored in Fides and propagated to other systems.
The consent automation process handles the translation between these two models, ensuring consistency across systems with varying consentable items and consent models.
Configuring consent automation
Map consentable items
- In the Admin UI, navigate to Data inventory > Add Systems.
- Create a new system, click save.
- Navigate to the
Integrationstab for this system and select an integration that supports consent automation (As of Fides v2.48.0, Iterable is the only supported integration. Additional integrations can be added on request). - Enter the credentials and click save.
- After saving the credentials, the Consent automation accordion will be accessible.
- Expand the accordion and map your consentable items to your privacy notices. The list of items is dynamic and will vary between integrations or even within different accounts for the same integration.
- Once you're done mapping the items click save.
Setting up the consent webhook
If the 3rd-party API supports posting data to other systems when a consent update occurs, then you can configure a consent webhook in Fides. See Iterable's System Webhooks (opens in a new tab) documentation as an example. This setup will vary between integrations so refer to our integration guides below for more details. Generally speaking, the URL that Fides exposes for an integrations consent webhook will follow the pattern:
/api/v1/plus/connection/{integration_identifier}/consent-webhookThe integration_identifier refers to the Integration identifier of the consent integration. In this case iterable_api
Generating an access token for consent webhooks
In order to secure the payload from external systems, Fides allows users with the Owner role to issue long-lived access tokens for use in the consent webhooks. This is currently done via the API.
GET /api/v1/plus/connection/{{integration_identifier}}/consent-webhook/token{
"access_token": "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0..."
}The consent webhook tokens are scoped to an individual integration and expire after 6 months. It is your responsibility to generate a new access token before it expires and update it in your external systems. If you want to change the time-to-live for these settings adjust the value of FIDES__SECURITY__CONSENT_WEBHOOK_ACCESS_TOKEN_EXPIRE_MINUTES
Integration guides
For specific instructions how to set up connectivity to a specific integration or how to setup the consent webhooks, refer to the following integration guides.