Consent

For users the authentication experience includes a consent screen that describes the information that the user gives permissions to. The user can allow or deny the application to get access to the data that the user owns. It will help users to control their privacy.

Consent records and the history of their approval or denial may be viewed and managed in the permission screen.

** Note **

Consent design is important, consent shall be presented in a manner which is clearly distinguishable from the other matters.

The user consent screen is given in the context of a written declaration, and the request for consent shall be presented in a manner which is clearly distinguishable from the other matters, using clear and plain language (Conditions of consent).

An example of the U4IDS consent screen is shown below.

Permission screen

Consent records may be viewed and managed in the permission screen. The user shall have the right to withdraw his or her consent at any time (Conditions of consent).

Clients shown on the page can be filtered out using client URL parameter. Consent can be revoked for the entire client or a scope. Resource scopes for which consent is not required are not shown.

An example of the U4IDS permission screen is shown below.