Salesforce consent management allows you to track your customers’ approval for how your company interacts with them. As an example,

• Customers intend to receive marketing promotions through emails,
• A customer has opted out/in for the fax or call.

Consent API and Consent Write API reads and write permission across the Contact, Contact Point Type Consent, Data Use Purpose, Individual, Lead, Person Account, and User objects when the records have a lookup relationship. APIs access organization-wide consent data, such as links between records and the value of consent flags, rather than just records to which the user has normal access.

Consent API

• Fetch consent settings for Lead, Contact, User, Person Account, or Individual object records.
• Fetch aggregated consent data
• API is available with version 44.0 and later.
• Multiaction endpoint is allowed with version 45.0 and later.

Permissions needed

View All Data or Allow User Access to Privacy Data user permission.

Consent API Syntax

URI
/services/data/vXX.X/consent/action/<action>?ids=list_of_Ids
/services/data/vXX.X/consent/multiaction?actions=list_of_actions&ids=list_of_Ids

Formats
JSON

HTTP methods
GET

Authentication
Authorization: Bearer token

Request body
None

Required Parameters

Example

/services/data/v55.0/consent/action/email?ids=test@test.com, test2@test.com

Response

{
“test@test.com” : {
“result” : “Success”,
“proceed” : {
“email” : “true”
“emailResult” : “Success”
},
“explanation” : [ {
“objectConsulted” : “ContactTypePointConsent”,
“status” : “opt_in”,
“purpose” : “billing”,
“recordId” : “003xx000004TxyY”,
“value” : “true”
},{
“objectConsulted” : “Contact”,
“field” : “HasOptedOutOfTracking”,
“recordId” : “1”,
“value” : “true”
}]
},
“test2@test.com” : {
“result” : “Success”,
“proceed” : {
“email” : “false”
“emailResult” : “Success”
},
“explanation” : [ {
“objectConsulted” : “Contact”,
“field” : ” HasOptedOutOfFax”,
“recordId” : “00Qxx00000skwO”,
“value” : “true”
} ]
}
}

Consent Write API

• A single API call can update and write consent across multiple records.
• API is available starting with version 48.0 and up.

Permissions needed

ModifyAllData or the ConsentApiUpdate user permission.

Consent Write API Syntax

URI
/services/data/vXX.X/consent/action/<action>?ids=<email-OR-recordID>

Formats
JSON

HTTP methods
PATCH

Authentication
Authorization: Bearer token

Request body
Only Salesforce CDP uses the request body. Pass in an empty object if there is nothing to pass in the request body.

Required Parameters

Example

/services/data/v55.0/consent/action/<action>?ids=test@test.com&status=<optout/optin/seen/notseen>

Response

{
“test@test.com” : {
“result” : “Success”,
“edited” : [{
“objectType” : “<Contact, Lead, User, etc.>”,
“field” : “<HasOptedOutofFax, DoNotCall,etc>”,
“valueOfField” : “<true/false>”,
“id” : “<recordID>”
}],
}
}

Action

Allowed values of action for the APIs are:

• email
• fax
• geotrack
• mailing
• phone
• portability
• process
• profile
• shouldForget
• social
• solicit
• storePiiElsewhere
• track
• web

Limitations

Consent API and Consent Write API can’t locate records in which the email address field is protected by Platform Encryption.