OpenSPP Documentation v2.0
⌘ K
  • Products
    • OpenSPP SP-MIS
    • OpenSPP Social Registry
    • OpenSPP Farmer Registry
    • OpenSPP DRIMS
    • Features
      • Unified registry
      • GIS & land management
      • Program management
      • Eligibility & targeting
      • Payment & disbursement
      • In-Kind benefits
      • Data integration & APIs
      • Change management
      • Grievance redress
    • What's new in OpenSPP v2
  • Learn
    • Registry
    • Programs
    • Cycles
    • Eligibility
    • Compliance
    • Entitlements
    • Payments
    • Deduplication
    • Change requests
  • Get started
    • Installing OpenSPP
      • Docker installation
    • Module installation
      • SP-MIS installation
      • Social Registry installation
      • Farmer Registry installation
    • Explore OpenSPP
    • Your first household
      • Step 1: Access the Registry
      • Step 2: Create a Household
      • Step 3: Add members
    • Your first program
      • Step 1: Access the program section
      • Step 2: Create your first social protection program
      • Step 3: Import and enroll beneficiaries
      • Step 4: Understanding program cycles
      • Step 5: Distribute entitlements
    • From Proof of Concept to Pilot
  • User guide
    • Getting started
      • Navigating the OpenSPP interface
      • Administrating role-based access
    • Registry
      • Register an individual
      • Register a group
      • Search and filter registrants
      • Import registrant data
      • Export registrant data
    • Change Requests
      • Submit a change request
      • Review a change request
      • Change request types
    • Programs
      • Create programs
      • Manage in-kind products
      • Work with program cycles
      • Enroll beneficiaries
      • Allocate funds to programs
      • Manage entitlements
    • Payments
      • View Service Points
    • Approvals
      • Review and Approve Requests
    • Reference
      • Geographic Areas
      • Vocabularies (Code Lists)
  • Configuration guide
    • OpenSPP Studio
      • Studio Overview
      • Custom Fields (Registry Field Builder)
      • Event Type Designer
      • Change Request Builder
    • CEL expressions
      • CEL quick start
      • CEL syntax reference
      • Variables
      • CEL cookbook
      • CEL troubleshooting
    • Eligibility rules
      • CEL expressions for eligibility
      • Geographic targeting
      • Expression templates
      • Testing eligibility rules
      • Advanced eligibility configuration
    • Entitlement formulas
      • Cash calculations
      • In-kind and basket entitlements
      • Formula library
      • Dynamic entitlements
      • Conditional logic
    • Vocabulary System
      • Vocabulary Overview
      • Standard Vocabularies
      • Vocabulary Profiles
      • Custom Vocabularies
    • Variables & Indicators
      • Variables Overview
      • Creating Variables
      • Variable Types
      • Using Variables in CEL
    • Event Data
      • Event Data Overview
      • Configuring Event Types
      • Defining Event Fields
    • Change request types
      • Overview
      • Creating change request types
      • Field mappings
      • Conflict and duplicate detection
      • Common configuration patterns
      • Custom detail models
      • Troubleshooting
    • Consent configuration
      • Consent management overview
      • Configuring privacy notices
      • Recording consent
      • API consent filtering
    • Role configuration
      • Access control overview
      • Assigning roles to users
      • Predefined roles
      • Creating custom roles
      • Troubleshooting
  • Operations guide
    • Deployment
      • Production Hardening
    • Security
      • Access Control
      • Data Classification
      • PII Encryption
      • Key Management
      • Audit Logging
      • Security Scanning
    • Storage
    • Backup & Recovery
    • Monitoring & Alerts
  • Reference
    • Modules Reference
      • API V2
      • API V2 - Cycles
      • API V2 - Data
      • API V2 - Entitlements
      • API V2 - Products
      • API V2 - Service Points
      • API V2 - Vocabulary
      • Approval Workflows
      • Area Management
      • Audit
      • Banking / Bank Details
      • Base (Common)
      • Base Settings
      • Branding Kit
      • CEL Domain Query Builder
      • CEL Expression Widget
      • Change Request V2
      • QR Credentials (Claim 169)
      • Consent
      • CR Types - Advanced
      • CR Types - Base
      • Custom Fields
      • DCI Client
      • DCI Client - CRVS
      • DCI Client - Disability Registry
      • DCI Client - IBR
      • DCI Server
      • Demo
      • Document Management System
      • Event Data
      • GIS
      • GIS Reports
      • Grievance Redress Mechanism
      • Hide Menus Base
      • Key Management
      • MIS Demo V2
      • Programs
      • Registry
      • Registry Search Portal
      • Security
      • Service Points
      • Source Tracking
      • Starter: Social Registry
      • Starter: SP-MIS
      • Studio
      • Studio - Change Requests
      • Studio - Events
      • User Roles
      • Versioning
      • Vocabulary
      • Theme
    • Vocabulary Reference
    • Humanitarian Terms Glossary
    • OpenSPP Glossary
  • Community and support
    • Contributing
    • Internationalization and Localization
    • Modules Maturity Levels and Development Status Policy
    • Module Lifecycle - Maintainer Role Policy
    • Contributor Covenant Code of Conduct
    • OpenSPP Vulnerability Disclosure Policy
    • Licensing

openspp.org openspp.org

API consent filtering – Configuration guide
  • repository
  • open issue
  • suggest edit
  • .md
Contents
  • How it works
  • Consent summary cache
  • Consent matching modes
    • Category-based consent
    • Specific organization consent
  • Fail-closed design
  • Purpose-based filtering
  • Configuring consent for API access
    • Step 1: Create consent record
    • Step 2: Verify consent summary
    • Step 3: Test API access
  • Organization type codes
  • Best practices
  • Are you stuck?
  • See also

API consent filtering

Contents

  • How it works
  • Consent summary cache
  • Consent matching modes
    • Category-based consent
    • Specific organization consent
  • Fail-closed design
  • Purpose-based filtering
  • Configuring consent for API access
    • Step 1: Create consent record
    • Step 2: Verify consent summary
    • Step 3: Test API access
  • Organization type codes
  • Best practices
  • Are you stuck?
  • See also

API consent filtering#

This guide is for implementers understanding how consent controls API data access. OpenSPP uses a fail-closed design where data cannot be shared via API without valid consent.

How it works#

Partner API Request → Check consent_summary → Filter response → Return data

  1. Partner makes API request for beneficiary data

  2. System checks beneficiary's cached consent_summary field

  3. Consent determines if partner can access data

  4. API returns data only if consent allows

Consent summary cache#

Each registrant has a consent_summary JSON field that caches their active consents for fast API filtering. This enables O(1) consent checks instead of querying consent records on every request.

Structure:

{
  "organization_types": ["government", "ngo", "un"],
  "purposes": ["SPRegistration", "SPBenefitDelivery"],
  "specific_recipients": [123, 456],
  "last_updated": "2024-03-15T10:30:00"
}

The cache updates automatically when:

  • A new consent is recorded

  • Consent status changes

  • Consent expires or is withdrawn

Consent matching modes#

Category-based consent#

Beneficiary consents to share with types of organizations (e.g., "all NGOs").

Example consent record:

Field

Value

Recipient Mode

Organization Categories

Allowed Organization Types

Government Agency, NGO, UN Agency

API behavior:

  • Requests from partners with matching org type → Data returned

  • Requests from partners without matching org type → Minimal data only

Specific organization consent#

Beneficiary consents to share with named organizations.

Example consent record:

Field

Value

Recipient Mode

Specific Organizations

Data Recipients

UNICEF Kenya, Red Cross

API behavior:

  • Requests from listed partners → Data returned

  • Requests from unlisted partners → Minimal data only

Fail-closed design#

When consent is missing or invalid, the API fails closed:

Situation

API behavior

No consent record

Minimal data only

Consent expired

Minimal data only

Consent withdrawn

Access denied

Consent refused

Access denied

Valid consent

Full data access

Minimal data typically includes only the identifier to confirm the record exists.

Purpose-based filtering#

Consent can be limited to specific purposes. The API checks if the requesting purpose matches the consent.

Example:

  • Consent purposes: Beneficiary Registration, Benefit Delivery

  • API request purpose: Research → Access denied

  • API request purpose: Benefit Delivery → Access granted

Configuring consent for API access#

Step 1: Create consent record#

Record consent for the beneficiary with appropriate settings:

Field

Value for API access

Status

Given

Legal Basis

Consent (or appropriate basis)

Purposes

Select purposes the partner needs

Recipient Mode

Category OR Specific

Recipients

Select org types or specific partners

Expiry Date

Set appropriate validity period

Step 2: Verify consent summary#

After saving, check the beneficiary's record to confirm consent_summary updated.

Step 3: Test API access#

Use the API V2 endpoint to verify access:

GET /api/v2/spp/Individual/{identifier}

Check that:

  • Response includes expected fields

  • Partner without consent gets minimal response

  • Expired consent blocks access

Organization type codes#

Use these codes when checking consent programmatically:

Organization Type

Code

Government Agency

government

NGO / Non-Profit

ngo

International NGO

ingo

UN Agency

un

Private Sector

private

Research Institution

research

Other

other

Best practices#

  1. Set reasonable expiry dates - Consent should expire and require renewal (1-2 years typical)

  2. Use category-based consent for flexibility - Allows new partners of same type without re-consenting

  3. Document the purpose - Clear purposes help with audit and compliance

  4. Monitor expired consents - Use the Expired Consents view to track renewals

  5. Test with different partners - Verify consent filtering works correctly

Are you stuck?#

Partner getting empty responses?

Check:

  • Consent status is "Given" or "Renewed"

  • Consent hasn't expired (check expiry date)

  • Partner's organization type matches allowed types

  • OR partner is in the specific recipients list

  • Purpose in API request matches consent purposes

How do I grant different access to different partners?

Use category-based consent with organization types. Partners in different categories get different access based on consent.

Can I change consent without re-collecting?

You can change consent only while status is "Requested". Once status is "Given", consent terms are locked. Create a new consent record if changes are needed.

What if a beneficiary has multiple consent records?

The most permissive active consent applies. The consent_summary aggregates all valid consents, combining organization types, purposes, and recipients.

See also#

  • Consent management overview - Consent concepts and lifecycle

  • Recording consent - How to record consent

previous

Recording consent

next

Role configuration

By The OpenSPP community
© Copyright OpenSPP.

The text and illustrations in this website are licensed by the OpenSPP Project under a Creative Commons Attribution 4.0 International license. All other trademarks are owned by their respective owners.