Skip to the content.

Consent API Usage Guide

In the following we describe in details the API and its usage of our consent management implementation in KST Platform.

Consents

Redirects in KST Platform Frontend

The consent request and consent details page have an optional query parameter “redirect_uri”. This parameter accept an URL and after accepting or rejecting the consent request or revoking the KST Platform Frontend redirects the user this URL. Third party applications from data providers, data consumers or data prosumer can use this parameter to integrate the consent creation/revocation flow into the application to achieve a nice user experience for the data owner.

KST Platform backend Internal Data Model

The KST Platform backend internal data model for consents differs from the model the consent API exposes. The data model stores the granted permissions a map with dataItemTypes as keys and a set of operations (provide, consume) as value:

public class Consent {

...

private Map<DataItemType, Set<Operation>> permissions;

...

}

The reason for this is performance and maintainability, because storing the permissions in such a map, we can do many check faster and with less code. In particular we don’t have to iterate through the list of data items upon each request data item consumption or provision request. This is done under the assumption that on average the number of data item consumption and provision requests is much higher then the API requests for consents.

The conversion between the API data model and the internal data model is done upon creation/updating or retrieving a consent via the API, therefore if you encounter performance issues with the consent API it is advised to cache the consents in you application and evict the cache if you get an DataItemNoPermissionException error from the data item API.