Consent proof PDF

GET 
/api/v1/consent-proof/:visitorId

Generates a tamper-evident PDF receipt proving a visitor's consent. Required by GDPR Article 7(1). The PDF contains the receipt ID, domain, visitor ID, dates, action, the category table and a HMAC-SHA256 signature. The IP address appears only in masked form, and the PDF never contains client details or internal IDs. Rate limit: 20 requests per minute per domain.

Request

Responses

200

The consent proof PDF.

401

Invalid API key. The response is identical for a missing, invalid or inactive key.

404

No consent record exists for this visitor.

429

Rate limit exceeded for this key, IP or endpoint.