Overview
This article contains methods to check whether a user is prompted to give consent to an application during their current flow or if they have already consented before.
Applies To
- Consent
- Authorized applications
Solution
- Include prompt=consent in the call towards the /authorize endpoint to prompt users to consent forcefully.
- In a post-login action, use the event.transaction?.prompt optional property and check its value to see what prompt was given.
- Once a user consents, the application will appear under the user’s authorized applications list.
- This can also be verified by going to the Dashboard, navigating to User Management > Users, selecting a user, and switching to the Authorized Applications tab.
- Use the Get grants Management API endpoint to get a list of all users with authorized applications enabled.
- The response contains user_id and clientID pairings, among other fields. The user_id is the identifier of an existing user, and the clientID corresponds to an application.
- This makes it possible to check whether a user has previously consented to a specific application.