Handling users' cookie consent
Fetch stored cookie preferences from logged-in users and sync them to your CMP
Users set cookie consent choices in Upod. After they log in on your site, you can read those choices and apply them to your cookie banner or Consent Management Platform (CMP).
This works differently from anonymized profile data. Cookie preferences do not require a separate data-access grant in the user's vault. If the user is logged in, you can always fetch them.
When to use this
- Your site has a cookie banner or CMP and you want logged-in Upod users to skip re-consenting
- You run OneTrust (or plan to) and want Upod preferences synced automatically
- You already use Upod for login and want consent to follow the user across sites
Prerequisites
- A working Upod integration with an authenticated session (any getting started path works)
- A cookie banner or CMP on your site, unless you only need the raw preference values
Fetching cookie preferences
The simplest approach is client.getConsent(). It returns each category as a boolean, or null when the user is not logged in or has not saved preferences yet.
const client = upod.initialize({
authority: 'https://account.upod.eu',
client_id: 'your-client-id',
redirect_uri: location.origin + location.pathname,
post_logout_redirect_uri: location.origin + location.pathname,
});
client.handleCallbackIfNeeded();
client.onLogin(async () => {
const consent = await client.getConsent();
if (consent) {
applyCookiePreferences(consent);
}
});
client.onConsentChange(consent => {
if (consent) {
applyCookiePreferences(consent);
}
});onConsentChange fires after login, logout, tab focus, and when the user edits preferences in their vault. You can also listen for the upod:consentchange DOM event.
If you need the raw DPV values from the storage API, call client.fetch() directly. No purpose query parameter is required.
const raw = await client.fetch({
path: '/storage/cookies',
method: 'get',
});See the Cookie preferences reference for the full response schema and TCF mapping table.
Applying preferences manually
Map the boolean values from getConsent() to your CMP categories. Essential cookies are always on in Upod and are not returned by the API:
function applyCookiePreferences(consent) {
enableEssentialCookies();
if (consent.cookiesAndSimilar) {
enableStorageCookies();
} else {
disableStorageCookies();
}
if (consent.advertising) {
enableAdCookies();
} else {
disableAdCookies();
}
if (consent.measurement) {
enableAnalytics();
} else {
disableAnalytics();
}
}CMP adapters
If your site already runs a CMP, you can sync Upod preferences automatically instead of mapping fields yourself. Adapters ship as separate bundles so sites that do not use that CMP do not download extra code.
Each adapter calls client.getConsent() under the hood and refetches on login, logout, tab focus, and vault edits.
OneTrust
Load the main Upod bundle and the OneTrust adapter:
<script src="https://cdn.upod.eu/client/bundle.browser.js"></script>
<script src="https://cdn.upod.eu/client/upod-onetrust.browser.js"></script>Create the adapter after initializing the client:
const client = upod.initialize({
authority: 'https://account.upod.eu',
client_id: 'your-client-id',
redirect_uri: location.origin + location.pathname,
post_logout_redirect_uri: location.origin + location.pathname,
});
upodOneTrust.createOneTrustAdapter({
client,
mode: ['groups'],
mapping: {
cookiesAndSimilar: 'C0001',
measurement: 'C0002',
socialMedia: 'C0003',
advertising: 'C0004',
personalisedContent: 'C0004',
},
alwaysOn: ['C0001'],
combine: 'or',
onLogout: 'keep',
});The OneTrust adapter is not included in bundle.browser.js, so non-OneTrust sites do not download it.
In a bundled app:
import { initialize } from '@datakluis/client-lib';
import { createOneTrustAdapter } from '@datakluis/client-lib/adapters/onetrust';
const client = initialize({ /* ... */ });
createOneTrustAdapter({
client,
mode: ['groups'],
mapping: {
cookiesAndSimilar: 'C0001',
measurement: 'C0002',
socialMedia: 'C0003',
advertising: 'C0004',
personalisedContent: 'C0004',
},
alwaysOn: ['C0001'],
combine: 'or',
onLogout: 'keep',
});Modes
| Mode | What it does |
|---|---|
groups | Maps Upod categories to OneTrust group codes and calls OneTrust.UpdateConsent("Category", payload). |
dataLayer | Pushes normalized consent to window.dataLayer for Tealium or Load Rules. |
Use both when you need group-level sync in OneTrust and purpose-level handling in Tealium:
upodOneTrust.createOneTrustAdapter({
client,
mode: ['groups', 'dataLayer'],
mapping: { /* ... */ },
dataLayer: { key: 'upodConsent' },
});Shared OneTrust groups
advertising and personalisedContent may map to the same OneTrust group (for example C0004) even though they cover different TCF purposes. The OneTrust JS API only supports group-level toggles, so you cannot turn them on independently through the API.
combine: 'or'(default): the group is on if either category is granted.combine: 'and': the group is on only if both are granted.dataLayermode: keep advertising and content distinct in Tealium instead of splitting OneTrust groups.
Demo
See the live OneTrust adapter example for a working demo with a local OneTrust stub.
Notes
- Authentication required. Cookie preferences are fetched in the browser with an active Upod session. If your backend needs the values, see Server-side and backend use.
- Handle failures gracefully. If the fetch fails, show your normal cookie banner.
- Keep mappings in sync. Your
mappingobject must match the group codes configured in your OneTrust admin panel.
Next steps
- Read the Cookie preferences reference for field names, TCF mapping, and raw API types
- Browse the API Reference for
client.getConsent()andclient.onConsentChange() - Try the live examples in your browser