Consent Management: Configuring OneTrust Consent Migration
Prerequisites
For this tutorial you'll need:
- A Fides Cloud or Fides Enterprise account
- The role of
Owner
orContributor
for your Fides organization. - Existing OneTrust consent categories that some users have consented to.
Overview
Fides supports the migration of consent preferences from OneTrust to Fides. This feature allows organizations transitioning from Onetrust to Fides to seamlessly migrate user consent preferences without requiring users to re-consent. This document provides guidance on how to configure and use this feature.
How It Works
The OneTrust migration feature works by mapping OneTrust consent categories to Fides privacy notices. When a user has an existing Onetrust consent cookie, Fides will read this cookie and apply the corresponding consent preferences to the Fides cookie.
Key Components
- OneTrust Consent Cookie: The
OptanonConsent
cookie stores user consent preferences in OneTrust. - Fides Consent Cookie: The
fides_consent
cookie stores user consent preferences in Fides. - Mapping Configuration: A JSON object that maps OneTrust categories to Fides notice keys.
Configuration Steps
- Define the Mapping: Create a mapping between OneTrust categories and Fides notice keys. This mapping should be a JSON object, for example:
{
"C0001": ["essential"],
"C0002": ["analytics_opt_out"],
"C0004": ["advertising", "marketing"]
}
Encode this mapping using encodeURIComponent(JSON.stringify(mapping))
.
- Configure the Mapping: You can provide the
ot_fides_mapping
in one of the following ways:
window.fides_overrides
Object: Add the mapping to thewindow.fides_overrides
object before initializing Fides.
window.fides_overrides = {
ot_fides_mapping: encodeURIComponent(JSON.stringify({
"C0001": ["essential"],
"C0002": ["analytics_opt_out"],
"C0004": ["advertising", "marketing"]
}))
};
window.fides_overrides
is configurable. If you wish to use a different location for your overrides, you may set up the ENV variable FIDES_PRIVACY_CENTER__CUSTOM_OPTIONS_PATH
to the desired location, e.g. window.config.fides_overrides
. Be careful not to use window.Fides.*
as this would override core Fides functionality. - Cookie: Store the mapping in a cookie named
ot_fides_mapping
, which Fides can read during initialization. - Query Parameter: Pass the
ot_fides_mapping
as a query parameter when initializing Fides.js, e.g.https://privacy.example.com/fides.js?ot_fides_mapping=...
.
For more info on your options, see the FidesOptions Interface Guide.
Once this is set up, Fides will automatically read the OneTrust cookie and apply the consent preferences to the Fides cookie.
Edge Cases
- Invalid OneTrust Cookie: If the OneTrust cookie is invalid or malformed, Fides will skip the migration and use default consent settings.
- Non-Existent Mapping: If a category in the OneTrust cookie does not exist in the mapping, it will not affect the Fides consent preferences.