Skip to main content
GET
https://api.firmly.work
/
api
/
v2
/
domains
/
{domain}
/
cart
/
consents
Get Consents
curl --request GET \
  --url https://api.firmly.work/api/v2/domains/{domain}/cart/consents \
  --header 'Authorization: Bearer <token>'
{
  "code": 404,
  "error": "ErrorCartNotFound",
  "description": "Cart does not exist for the specified domain"
}

Overview

Retrieves the current consent settings for a customer’s cart session. This endpoint returns all available consent options along with their current status, including whether they have been signed by the customer. Consent management is integrated into the checkout flow to ensure compliance with data protection regulations:
  1. Session-Based: Consents are stored in the cart session and persist until checkout completion
  2. Type-Based: Different consent types (marketing, terms, privacy) are supported
  3. UI Placement: Each consent includes a ui_slot hint for proper placement in your checkout UI
  4. Audit Trail: Signed consents include timestamp, IP address, and user agent for compliance

Response

consents
array
required
Array of consent objects

Code Examples

curl -X GET https://api.firmly.work/api/v2/domains/staging.luma.gift/cart/consents \
  -H "x-firmly-authorization: Bearer YOUR_TOKEN"

Response Example

[
  {
    "id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "ui_slot": "UNDER_EMAIL_INPUT",
    "text": "I would like to receive marketing emails about special offers and new products.",
    "html": "I would like to receive marketing emails about special offers and new products.",
    "type": "marketing",
    "explicit": true,
    "required": false,
    "revokable": true,
    "signed": false
  },
  {
    "id": "6ba7b810-9dad-11d1-80b4-00c04fd430c8",
    "ui_slot": "ABOVE_PLACE_ORDER_BUTTON",
    "text": "I agree to the Terms of Service and Privacy Policy.",
    "html": "I agree to the <a href='/terms'>Terms of Service</a> and <a href='/privacy'>Privacy Policy</a>.",
    "type": "terms",
    "explicit": true,
    "required": true,
    "revokable": false,
    "signed": true
  }
]
When no consents have been configured by the merchant:
  • A default marketing consent is provided if marketing_consent_text is configured
  • The default marketing consent is optional and revokable
  • No other consents are created by default

Error Responses

{
  "code": 404,
  "error": "ErrorCartNotFound",
  "description": "Cart does not exist for the specified domain"
}

Common Errors

Error CodeDescriptionResolution
ErrorCartNotFoundCart does not existVerify cart ID and domain
ErrorStoreUnavailableStore service unavailableRetry request
MissingAuthHeaderMissing authorization headerInclude x-firmly-authorization header
InvalidTokenInvalid JWT tokenRefresh authentication token