REST API – Authorization Form Consent Creation – Cloud Compliance

Updated on February 26, 2023

The Authorization Form Consent record is created which is used as proof related to each customer’s consent to Terms & Conditions, Privacy policy, etc. This will help the user to create a full picture of the customer’s consent to the various authorization forms.

In this REST call, the API method is used to create a corresponding ‘Authorization Form Consent’ record that is linked to both the Individual Id and the T&C/Privacy Policy Id. 

The POST method for Authorization Form Consent record creation is as follows:-

URL –  For POST Method.

/services/apexrest / PCCC_DM / v1 / AuthorizationFormConsentRestAPI
Request Body  - 
"AuthFormRequest": [{
"consentGiverId": "0PK0b000000Ckz4GAC",
"privacySiteId": "a0R0b00000BAshKEAT",
"authFormTextId": "0cN0b0000000001EAA",
"status": "Signed",
"consentCaptureSourceType": "Web",
"consentCaptureSource": "Web"

The details of all these parameters are as follows – 

  1. consentGiverId is the Individual ID of the Contact/Lead record.
  2. privacySiteId is the lookup of a field that will be useful to link privacy sites so as to store consent for the Privacy Policy, Terms & Conditions, or End User License agreements.
  3. authFormTextId Manages the text associated with the authorization form. Users can also include a summary to describe the form’s purpose and display it to customers when asking for their consent. This is the required field that can be hardcoded.
  4. Status is the standard picklist field on the authorization consent form object with values such as ‘Seen’ or ‘Signed’ (Restricted Picklist Field). This is the optional field that can be hardcoded.
  5. consentCaptureSourceType is a standard picklist field on the authorization consent form which highlights communication preference for the consent captured (Restricted Picklist Field). This is the required field that can be hardcoded.
  6. consentCaptureSource is a standard field (Textarea 255)  on the authorization consent form which populates the channel or source by which the consent is acquired. This is the required field that can be hardcoded.

Solution Steps

Prerequisite – It is necessary to have at least one record of the salesforce standard object “Authorization Form”, “Authorization Form Text” and  Cloud Compliance’s custom object “Privacy Site”.

1. Navigate to a salesforce contact record for which users want to manage their consents. This contact record will have an association with the Individual.

Note– If the individual is not associated with the contact record, the user can run the auto Auto creation of the Individual batch provided by “Cloud Compliance”. It will create individual records for each Contact/Lead record based on defined criteria. 

For more details about this batch refer to this link Grouping Rules for Individual.

2. Navigate to that Individual record to get its Id. Copy the record Id from the URL. For reference, the id is highlighted in the URL in the screenshot –

3. The user next needs to go to the “Privacy Site” record and get the Privacy site id.

4. Also, get the id of the “Authorization Form Text” record which is already created.

5. Navigate to a REST tool such as Salesforce developer workbench, Postman, Insomnia, etc. 

Note – This example uses Salesforce Developer Workbench. For more information on Workbench Click here

6. Navigate to the ‘REST Explorer’ from Utilities tab within the workbench and select the “POST” method

7. For the “POST” method, enter the Cloud Compliance’s REST API URL which is already mentioned above.

8. Copy the Individual Id (consentGiverId) and other required data in the JSON format of the request body as shown below –


9. Click the “Execute” button to invoke the REST API.

10. The REST API returns an authFormSFId which is nothing but the Id of the newly created “Authorization Form Consent” record and a success status as true/false.

11. The authorization form consent record in Salesforce will be as follows – 

Note – NAME is a standard field on the Authorization Form Consent object. If the user does not pass this value through APEX API  then it will be populated as a current date-time stamp with the “CC” as the prefix.