Consent

Consent is the step where you allow an application to use your information from an identity provider. For example, an application might ask to see your name, email address, or basic profile details. Before sharing anything, Unit4 Identity Services will show you a consent screen so you know exactly what the application is asking for. You can then choose to allow or deny access, giving you control over what information is shared.

All the User information comes from your Tenant (an external identity provider like Azure Entra or Okta) and not from Unit4 Identity Services. Unit4 Identity Services only relays the authentication request from the application to the Tenant. It is the Tenant that must to be configured to share User information.

Consent records may be viewed and managed in the permission screen.

** Note **

Consent design is important, consent shall be presented in a manner which is clearly distinguishable from the other matters.

The user consent screen is given in the context of a written declaration, and the request for consent shall be presented in a manner which is clearly distinguishable from the other matters, using clear and plain language (Conditions of consent).

An example of the U4IDS consent screen is shown below.

Permission screen

Consent records may be viewed and managed in the permission screen. The user shall have the right to withdraw his or her consent at any time (Conditions of consent).

Clients shown on the page can be filtered out using client URL parameter. Consent can be revoked for the entire client or a scope. Resource scopes for which consent is not required are not shown.

An example of the U4IDS permission screen is shown below.