This page is subject to modifications and clarification changes including but not limited to examples of CA APIs signaling changes to a consent contract.
A digi.me third-party app creates a consent certificate to display to an individual who is running this third-party app.
...
- here are the link to the developer site: https://developers.digi.me
- At the highest level, Consent Access (CA) is an API from digi.me that enables you to ask a user for consent to access some of their data. You do this by proposing a contract with the user that spells out what type of data you want, what you will and won't do with it, how long you will retain it and if you will implement the right to be forgotten.
1. Register one or more CA contracts with digi.me and specify a PUBLIC_KEY with which digi.me can encrypt user data for your app
2. Initiate CA by calling the digi.me app with your app_id and contract_id
3. The digi.me app will fetch the contract, present it to the user and ask for consent
4. If the user accepts the contract, two things happen:- The CA API starts preparing user data for your app according to what was specified in the contract
- The CA API will return a session_id to your app5. Using your app_id and session_id , you will query the API for available data (contained in files)
6. For each available file, you will:- Fetch the file
- Decrypt it using your PRIVATE_KEY
...