Empower users to manage their data privacy choices and meet regulatory compliance
Revoke Consent is a valuable feature that respects users' privacy choices and empowers them to manage their data as they see fit. It allows users to withdraw any previously granted permissions and halt the sharing of specific information with your application.
Revoke Consent is not only a user-centric feature but also a critical element for services striving to meet regulatory compliance, such as GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act).
Revoke Consent helps your application meet legal obligations, respect user privacy, and build trust.
Users have the autonomy to manage all their consents through the HyperID User Portal, independently from an individual Service Providers. Nevertheless, it is advisable for your application to implement this feature as well.
Your application should send next request to HyperID's API, indicating the user's intent to revoke consent:
Request
POST /user/client-consent/revoke HTTP/1.1Host:login.hypersecureid.comContent-Type:application/jsonAuthorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImFjZDc0NGMzLWFlZDMtNGQxMC04ODZhLTcyYjU0MGY4NmU5YSJ9.eyJleHAiOjE2Nzk4MjM1NTEsImlhdCI6MTY3OTgxOTk1MSwiYXV0aF90aW1lIjoxNjc5ODE5OTUxLCJqdGkiOiIzM2ZlNzI2Ni1kOTY2LTRlNDgtYjU2My05ZWNhZTdjMWU3NTEiLCJpc3MiOiJodHRwczovL2xvZ2luLmh5cGVyc2VjdXJlaWQuY29tL2F1dGgvcmVhbG1zL0h5cGVySUQiLCJzdWIiOiI5MTZlMGUyZS00NmQ5LTRiODAtODg1Ni1kZDlmZWRiMWI3MjMiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJjbGllbnQtc2VydmljZS1hcHAiLCJzY29wZSI6Im9wZW5pZCBlbWFpbCBrZXlzIGF1dGgiLCJzaWQiOiI5OTVjNzhhZC1lYmFjLTRhYWYtOTdiZC0xOTQ4ZWMxOWQzNzEiLCJ3YWxsZXRfYWRkcmVzcyI6IjB44oCmIiwid2FsbGV0X2NoYWluX2lkIjoiMSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJlbWFpbCI6InVzZXJAZ21haWwuY29tIn0.h9GusuxDPX8VOjPoZHD73XzktOkVtd1qEz6C8AuBybw
Content-Length:26{"request_id":17}
The authorization header should include a valid and non-expired bearer (access) token. The request_id is necessary to maintain the same ID between the request and response, as the response will contain the same ID.
HyperID notifies your application with next response about the result of consent revocation: