Skip to main content

API Reference

UnifiedConsentByOsanoSDK

getToken

Method that returns a token, which can then be used to instantiate a UnifiedConsentByOsanoClient. Meant to be called on a server side to protect the configId, collectionId, and customerId values. Please see scopes for reference.

Example:

import { UnifiedConsentByOsanoSDK, Scopes } from '@unifiedconsentbyosano/cmp-javascript-sdk'

const scopes = [Scopes.ConsentWrite]

const accessToken = await UnifiedConsentByOsanoSDK.getToken(
{
/** URL of authorization services provider */
issuer: string,
/** The config Id */
configId: string,
/** The Collection Id */
collectionId: string,
/** The Client Id */
customerId: string
}
)

createClient

The UnifiedConsentByOsanoClient can be used from a browser or node environment. It requires the ClientConfig parameter with an access token to be able to instantiate it. Returns a UnifiedConsentByOsanoClient instance.

Signature:

UnifiedConsentByOsanoSDK.createClient(ClientConfig): UnifiedConsentByOsanoClient

Example:

import { UnifiedConsentByOsanoSDK } from 'unifiedconsentbyosano/cmp-javascript-sdk'

const client = UnifiedConsentByOsanoSDK.createClient({
token: accessToken,
apiUrl: 'https://uc.api.osano.com',
})

registerPrivacyProtocols

Method to register the Privacy Protocols. This method is only available for the browser environment. Parameters: PrivacyProtocolsConfig

Signature:

UnifiedConsentByOsanoSDK.registerPrivacyProtocols(PrivacyProtocolsConfig): Promise<void>

Example:

import { UnifiedConsentByOsanoSDK } from '@unifiedconsentbyosano/cmp-javascript-sdk'

await UnifiedConsentByOsanoSDK.registerPrivacyProtocols(
{
/** Osano's Unified Consent API URL */
apiUrl: string,
/** Write only api key*/
apiKey: string,
/** Gpc attributes*/
attributes?: Record<string, any>
}
)

initEmbeddedParent

Creates an EmbeddedHandler instance and initializes the SDK for the embedded experience. This method is only available for the browser environment.

Parameters: EmbeddedConfig

Signature:

UnifiedConsentByOsanoSDK.initEmbeddedParent(config: EmbeddedConfig): EmbeddedHandler

Example:

import { UnifiedConsentByOsanoSDK } from './UnifiedConsentByOsanoSDK'

const embeddedClient = UnifiedConsentByOsanoSDK.initEmbeddedParent({
targetIframe: document.getElementById('iframeId'),
})

UnifiedConsentByOsanoClient

createConsent

Parameters: CreateConsentPayload
Scopes: ConsentWrite

async createConsent(payload: CreateConsentPayload): Promise<string>

getChannelConfig

Retrieves the channel for a given channelId.

Parameters: channelId
Returns: Channel
Scopes: ConsentRead

async getChannelConfig(channelId: string): Promise<Channel>

getUnifiedConsent

async getUnifiedConsent(subjectId?: string): Promise<GetUnifiedConsentResponse>

getProfileVerificationCode

Generates and returns a 6-digit profile verification code for a profile by email

async getProfileVerificationCode(email: string): Promise<string>

hasConsents

Returns true or false if at least one consent exists for the given subject

async hasConsents({ subjectId?: string }): Promise<boolean>

login

Stores the given verified ID and uses it in future subject-aware endpoints like createConsent, getUnifiedConsent, etc to avoid having to pass the subject. It calls mergeSubjects internally to honor choices made as an anonymous user. This only works in a browser environment.

async login(verifiedId: string): Promise<void>

loginFromSession

Given a valid Session ID generated via SSO login, this method will work exactly like login, resolving the verified ID and, if available, basic profile information. It calls mergeSubjects internally to honor choices made as an anonymous user. The return value of this method is a Session. This only works in a browser environment

async loginFromSession(sessionId: string): Promise<Session>

logout

Removes the associated verified ID and generates an anonymous ID instead to be used in subject-aware endpoints when a subject is not explicitly provided. This only works in a browser environment.

logout(): void

mergeSubjects

Merges the consents of the source subject into the target subject.

async mergeSubjects(sourceSubjectId: string, targetSubjectId: string): Promise<void>

saveProfile

Creates or updates a user profile in the system and returns their verified ID

async saveProfile({ email: string, profile: any }): Promise<string>

subject

Getter to access the Subject, if provided when instantiated

subject(): Subject

verifySubjectProfile

Recieves a verification code generated with getProfileVerificationCode. Returns the verified id of the subject

async verifySubjectProfile({ email: string, verificationCode: string }): Promise<string>

Subject

A subject represents the person that's giving consent.

A Subject might have two different ids. When they are not identified in the system, this SDK will generate a random UUID to identify the current device. Once the Subject is logged into the system, it can be converted to a verified Subject. A verified Subject has a custom id arbitrarily provided by you.

verified()

Creates a Subject with a verified ID from the third party system

::: tip The verified ID should not contain PII or sensitive information :::

Signature

static verified({
id: string,
profile?: {
email: string,
firstName?: string,
lastName?: string
}): Subject

Example

const subject = Subject.verified('some-internal-id')

anonymous()

This will generate a subject with an auto-generated UUID

static anonymous(): Subject

Example

const subject = Subject.anonymous()

EmbeddedHandler

Handler to send and receive events from a parent window to a child iframe. This client is only available for the browser environment

Types of messages

Messages are specific events that exist only in the browser environment and are triggered when some specific actions are issued in the context of an embedded experience.

Message typeDescriptionPayload
loginTriggered upon successful loginSubject
logoutTriggered upon successful logoutSubject
consent:writeTriggered when a consent is createdAction[]

on

Receives events from the child iframe and declares its behavior

Parameters: MessageType, MessageListener

Signature:

on(type: MessageType, listener: MessageListener): void

Example:

embeddedClient.on(MessageType.LOGIN, (message) => {
const { subject } = message.data
})

send

Sends events to the child iframe

Signature:

send(message: Message): void

Example:

embeddedClient.send({ type: MessageType.LOGIN, data: { subject } })

getParentDomain

Gets the domain from the parent window once the handshake between parent and child is completed. Until then, it returns undefined.

Signature:

getParentDomain(): string | undefined