Consent management provides users with choice and control over sharing their personal data and establishes trust between the users and the service provider. When a user self registers to WSO2 Identity Server, the user is prompted to give consent and agree on the attributes which are shared. This page explains how WSO2 Identity Server handles consent management within the self sign up flow.
Consent management flow for self sign up
- The identity admin can add purposes and PII (Personal Identifiable Information) categories in the super tenant or any other tenant domain, that define the reasons for collecting user information. For more information on how to add purposes and PII categories, see Managing Consent Purposes.
At the point of self-registration, the user is prompted to enter their username that indicates the user's tenant domain. For instance, if the new user is to be registered within the foo.com tenant, the username provided should be as follows: "[email protected]".
For more information on configuring self sign up, see Self Sign Up and Account Confirmation.
- The user is then informed about the user attributes that are collected and the purpose behind collecting it, and then prompted to provide consent. This screen is customized based on the user's tenant as different tenants will have different purposes and required attributes.
- Depending on the preference, users can select which attributes to share and which attributes they wish to opt out of sharing by selecting/unselecting the relevant claims accordingly. A sample user consent request screen is shown below.
- Once registration is completed and the account is activated, the user can login via WSO2 Identity Server dashboard and view/update the provided consent. For more information on managing consent via the dashboard, see Configuring consent for services.
Trying out consent management with self sign up
To try out self sign up and see how consent management is handled within this flow, see Try out self sign up.