{"id":27998320,"url":"https://github.com/alphagov/consent-api","last_synced_at":"2025-05-08T22:52:25.692Z","repository":{"id":38395617,"uuid":"506561518","full_name":"alphagov/consent-api","owner":"alphagov","description":"Service for sharing user consent to cookies across multiple domains","archived":false,"fork":false,"pushed_at":"2025-03-04T17:07:55.000Z","size":1863,"stargazers_count":8,"open_issues_count":23,"forks_count":0,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-05-08T22:52:04.115Z","etag":null,"topics":["cookie-consent","data-infrastructure","data-infrastructure-team","data-services","sde"],"latest_commit_sha":null,"homepage":"https://consent-api-bgzqvpmbyq-nw.a.run.app","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alphagov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-23T08:41:09.000Z","updated_at":"2025-02-07T23:34:28.000Z","dependencies_parsed_at":"2023-12-18T17:23:43.612Z","dependency_job_id":"e98751fc-769f-46ce-afb0-d1489806c5ea","html_url":"https://github.com/alphagov/consent-api","commit_stats":null,"previous_names":[],"tags_count":89,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alphagov%2Fconsent-api","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alphagov%2Fconsent-api/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alphagov%2Fconsent-api/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alphagov%2Fconsent-api/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alphagov","download_url":"https://codeload.github.com/alphagov/consent-api/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253160828,"owners_count":21863624,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cookie-consent","data-infrastructure","data-infrastructure-team","data-services","sde"],"created_at":"2025-05-08T22:52:24.195Z","updated_at":"2025-05-08T22:52:25.686Z","avatar_url":"https://github.com/alphagov.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Single Consent\n\nThe Single Consent service enables easily sharing a user's consent or rejection\nof cookies across different websites. This ensures a seamless user experience by\nremembering a user's preferences without repeatedly asking for consent.\n\n## How does it work?\n\n1. **Cookie Consent**: When you visit a Single Consent enabled website, you may\n   encounter a pop-up or banner asking for your consent to use cookies.\n\n2. **Unique ID**: If you respond, your consent to (or refusal of) cookies is\n   then submitted to the Single Consent service, which assigns you a randomly\n   generated unique ID. This ID does not contain any personal information about\n   you.\n\n3. **Central Database**: Your consent data is then associated with your unique\n   ID and stored in the central Single Consent database.\n\n4. **Javascript Client**: The website receives your unique ID via the Single\n   Consent client, a small piece of Javascript code embedded in the website.\n\n5. **Link Decoration**: The client automatically appends your\n   unique ID as a parameter to the links you click on which lead to other\n   Single Consent enabled websites.\n\n6. **Consent Lookup**: When a Single Consent enabled website receives a request\n   with a URL containing your unique ID, it uses this ID to look up your consent\n   data in the central database. Using this data, the website can respect your\n   preferences and avoid asking for consent again.\n\n7. **Revoking Consent**: If you change your mind and refuse (or grant) consent\n   to use cookies, you can modify your cookie settings on the current website\n   and it will submit the updated data to the central database, making all other\n   Single Consent enabled websites aware of your changed preferences.\n\n8. **ID Cookie**: The Single Consent client also stores your unique ID in a\n   cookie for the current website, so that if you return to the site without\n   clicking a link (eg via a bookmark, or typing in the URL to the address bar\n   in your browser), your consent preferences will be remembered.\n\n9. **Audit Logging**: Following the CQRS (Command Query Responsibility Segregation) pattern,\n   whenever consent data is written to the PostgreSQL database, an event is also pushed\n   to a BigQuery dataset. This provides a complete audit trail of all consent changes,\n   enabling future analysis and compliance verification if needed.\n\n\n## System Architecture\n\n![System Architecture Diagram](docs/diagram.png)\n\n## Quick Start\n\n### Prerequisites\n- Docker and Docker Compose\n\n### Running Locally\n\n```shell\n# Build and start all services\nmake docker-build\ndocker compose up\n```\n\n## Installation\n\nYou can run all the services without setup needed:\n\n```shell\nmake docker-build\ndocker compose up\n```\n\n\nEach time a file is modified in the applications, the container application will restart.\n\n\n## Integration Tests\n\n```\ncd apps/consent-api/tests\nBASE_URL=http://localhost:8000 poetry run pytest .\n```\n\nYou can also point the integration tests at the cloud instances by specifying the URL.\n\n\n## Documentation\n\n- [Architecture Documentation](docs/architecture.md)\n- [Development Guide](docs/development.md)\n- [Client Library Documentation](client/README.md)\n\n## API Documentation\n\nAPI documentation is available via Swagger UI when running the service locally at:\nhttp://localhost:8000/docs\n\n## License\n\nUnless stated otherwise, the codebase is released under the MIT License. This covers\nboth the codebase and any sample code in the documentation. The documentation is \u0026copy;\nCrown copyright and availabe under the terms of the Open Government 3.0 licence.\n\n## Contact the team\n\nThe Single Consent service is maintained by a team at Government Digital\nService. If you want to know more about the service, please email the Data\nInfrastructure team or get in touch with them on Slack.\n\nTeam email:\n`data-tools-alerts@digital.cabinet-office.gov.uk`\n\nYou can also contact the maintainers of this repository via email:\n\n- Guilhem Forey: `guilhem.forey@digital.cabinet-office.gov.uk`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falphagov%2Fconsent-api","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falphagov%2Fconsent-api","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falphagov%2Fconsent-api/lists"}