Product Documentation

Retrieving User Consent Record

When a user accepts the EULA during the consent process, the system records the following details for audit and compliance purposes:

  • User Identification: Tenant + Account Number/Account UIN.
  • Transaction/Session ID: The GUID of the transaction containing the EULA step.
  • Date and Time: The exact timestamp of acceptance (both user's device time and UTC time).
  • EULA Document: A copy of the EULA in the specific language accepted by the user.

This evidence is stored securely and can be retrieved using the authID Blob Storage APIs by following the steps below.

🚧

User Roles

Transaction Result Auditor role is required to invoke this API.

Developer will receive HTTP error code 403 if this role is absent from the access token.

Get the Account UIN

Find an Account UIN for the given Account Number using the Accounts Listing API and providing the ODATA filter for the AccountNumber as shown in the example below, note the sample is URL-encoded.

Make sure the start and size parameters are included, it is required to retrieve the records. Omitting the size parameter will result in the response containing only the record count with no additional details.

curl --location 'https://id.authid.ai/IDCompleteBackendEngine/Default/AdministrationServiceRest/accountList?filter=AccountNumber%2Beq%2B%27MyAccountNumber%27&start=0&size=20'\
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtp...'

The response contains the array of accounts with matching AccountNumber, some fields are omitted for brevity.

"Items": [
        {
            "AccountNumber": "MyAccountNumber",
            "ApplicationId": null,
            "CreatedDate": "2025-03-14T12:37:57.56",
            "DeletedDate": null,
            "UIN": "358bebe4-c19f-42ee-a047-2fb99085293e"
        }
    ],
    "TotalCount": 1
}

🚧

Deleted Accounts

Note that the list may include deleted accounts. Look for non-null DeletedDate in the output.


Retrieve the List of Consent Records:

Use the /history API endpoint of authID Blob Storage APIs .

  • set the payloadType to EulaJson
  • set the accountId to the value of UIN retrieved in the previous step
curl --location 'https://id.authid.ai/documents/history?accountId=c2e4efd1-0690-4098-89fa-a64d951fabc2&payloadType=EulaJson' \
--header 'accept: text/plain' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtp...'

The response contains all the records related to the specified account. If user was re-enrolled, each enrollment transaction is listed.

[
  {
    "entryId": "22919501-36fb-294d-dc91-e0e553b92522",
    "timestamp": "2025-03-13T20:12:23.7573981+00:00",
    "itemAdded": {
      "tenantId": "758e614f-fe5b-4a4c-9f2f-dcc264c06cba",
      "accountId": "c2e4efd1-0690-4098-89fa-a64d951fabc2",
      "trxId": "38a75a15-0326-a737-8359-c452b08d682f",
      "payload": "EulaJson",
      "dataProtection": "None",
      "itemId": "77a6fefe-42e6-423c-9113-8488a49c9d01",
      "size": 532
    },
    "consentAccepted": {
      "stream": {
        "frame": 0,
        "operationId": "38a75a15-0326-a737-8359-c452b08d682f",
        "deviceId": "7cc7fdf9-e73c-4233-b79f-9d9e3d023a48"
      },
      "payload": {
        "when": "2025-03-13T20:12:23.6653476Z",
        "what": "LivenessConsent",
        "status": true,
        "termsAndConditionsUrl": "https://authid.ai/user-terms-privacy/#authID%20Terms%20&%20Conditions%20for%20Users?lang=en-US",
        "contentBlobId": "09f04134-3db6-48cb-956e-60921e2e3c01",
        "contentHash": "F2189DDE787A6A03BC5650DC26AE0E1DAB69C36C819D8E36F0F137F8B07F6CD3"
      }
    }
  },
  {
    "entryId": "22919501-cbc1-f24c-ff3a-cf588ba40432",
    "timestamp": "2025-03-13T20:12:09.0325247+00:00",
    "itemAdded": {
      "tenantId": "758e614f-fe5b-4a4c-9f2f-dcc264c06cba",
      "accountId": "c2e4efd1-0690-4098-89fa-a64d951fabc2",
      ....

Retrieve EULA Content

Use the /blobs/{id} API endpoint of authID Blob Storage APIs .

Append the value of contentBlobId from previous step to the URL to retrieve a copy of the EULA document present at the time of enrollment transaction.

curl --location 'https://id.authid.ai/documents/blobs/09f04134-3db6-48cb-956e-60921e2e3c01' \
--header 'accept: text/plain' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtp...'

The response contains the raw data of consent page, usually HTML. Example below shows beginning of the output:

<!DOCTYPE html>
<html lang="en-US">
<head>
	<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<link rel="pingback" href="https://authid.ai/xmlrpc.php" />
  ....

Updated about 3 hours ago