The end-user must be presented a suitable text, describing the consent to be given. The text will be created, based on input from the consent template.
| Scope ID | Globally unique identifier of the resource that the consent is for. Ex. API URL that needs consent. |
| Token name | Name used to lookup the token with consent details in the end of the consent process. In OIDC this is usually id_token, but this might not be a good name for all E-Consent scenarios. |
| Text and relevant translations | Consent text can be presented in different languages. Preferred language is sent to Nets as a parameter when initiating a new consent user dialog (authorisation request). Presented language can be based on ex nationality of user, user's chosen language in a portal or browser settings. |
| Variables | Set of values to be merged into the text in the consent, and additional data fields hidden for the end user, but included in the consent token. |
Consent template Example
Scope ID and Token name:
| Scope ID | https://mybank.com/api/get-account-details |
| Token name | accountdetail_token |
Text and relevant translations:
| English | I accept that [tpp] ([credit_account]) creates AvtaleGiro for account [debit_account] with amount limit [limit] kroner |
| Norwegian | Jeg aksepterer at [tpp] ([credit_account]) oppretter Avtalegiro for konto [debit_account] med beløpsgrense [limit] kroner |
| Swedish | etc. |
| Danish | |
Variables:
| tpp | Bank AS | 3 | 50 |
| credit_account | 12345678987 | 11 | 11 |
| debit_account | 78987654321 | 11 | 11 |
| limit | 500 | 2 | 6 |
| valid_to_date*) | 2019-02-07 | 10 | 10 |
| etc | | | |
*) You can also use variables that is not merged in the consent text and then are invisible.
ex:
thirdparty_id
valid_to_date
The consent text will then look like this
In English:
I accept that Bank AS (12345678987) creates AvtaleGiro for account 78987654321 with amount limit 500 kroner
In Norwegian:
Jeg aksepterer at Bank AS (12345678987) oppretter Avtalegiro for konto 78987654321 med beløpsgrense 500 kroner
