> ## Documentation Index
> Fetch the complete documentation index at: https://developers.firmly.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Consents

> Retrieves consent settings for the current cart session

## Overview

Retrieves the current consent settings for a customer's cart session. This endpoint returns all available consent options along with their current status, including whether they have been signed by the customer.

## How Consent Management Works

Consent management is integrated into the checkout flow to ensure compliance with data protection regulations:

1. **Session-Based**: Consents are stored in the cart session and persist until checkout completion
2. **Type-Based**: Different consent types (marketing, terms, privacy) are supported
3. **UI Placement**: Each consent includes a `ui_slot` hint for proper placement in your checkout UI
4. **Audit Trail**: Signed consents include timestamp, IP address, and user agent for compliance

## Response

<ResponseField name="consents" type="array" required>
  Array of consent objects

  <Expandable title="Consent Object">
    <ResponseField name="id" type="string" required>
      Unique identifier for the consent
    </ResponseField>

    <ResponseField name="ui_slot" type="string" required>
      UI placement hint for the consent

      **Possible values:**

      * `UNDER_EMAIL_INPUT` - Display under email field
      * `ABOVE_PLACE_ORDER_BUTTON` - Display above order button
      * `AFTER_SHIPPING_INFO` - Display after shipping form
    </ResponseField>

    <ResponseField name="text" type="string" required>
      Plain text version of the consent for accessibility
    </ResponseField>

    <ResponseField name="html" type="string" required>
      HTML version with rich formatting and links
    </ResponseField>

    <ResponseField name="type" type="string" required>
      Type of consent

      **Possible values:**

      * `marketing` - Marketing communications
      * `terms` - Terms of service
      * `privacy` - Privacy policy
      * `custom` - Custom consent type
    </ResponseField>

    <ResponseField name="explicit" type="boolean" required>
      Whether explicit consent action is required
    </ResponseField>

    <ResponseField name="required" type="boolean" required>
      Whether this consent must be signed to complete checkout
    </ResponseField>

    <ResponseField name="revokable" type="boolean" required>
      Whether the consent can be revoked after being signed
    </ResponseField>

    <ResponseField name="signed" type="boolean" required>
      Whether the customer has signed this consent
    </ResponseField>
  </Expandable>
</ResponseField>

## Code Examples

<CodeGroup>
  ```bash cURL theme={null}
  curl -X GET https://api.firmly.work/api/v2/domains/staging.luma.gift/cart/consents \
    -H "x-firmly-authorization: Bearer YOUR_TOKEN"
  ```

  ```javascript JavaScript theme={null}
  const response = await fetch('https://api.firmly.work/api/v2/domains/staging.luma.gift/cart/consents', {
    method: 'GET',
    headers: {
      'x-firmly-authorization': 'Bearer YOUR_TOKEN'
    }
  });

  const consents = await response.json();
  ```

  ```python Python theme={null}
  import requests

  response = requests.get(
      'https://api.firmly.work/api/v2/domains/staging.luma.gift/cart/consents',
      headers={
          'x-firmly-authorization': 'Bearer YOUR_TOKEN'
      }
  )

  consents = response.json()
  ```

  ```php PHP theme={null}
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, 'https://api.firmly.work/api/v2/domains/staging.luma.gift/cart/consents');
  curl_setopt($ch, CURLOPT_HTTPHEADER, [
      'x-firmly-authorization: Bearer YOUR_TOKEN'
  ]);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

  $response = curl_exec($ch);
  $consents = json_decode($response, true);
  curl_close($ch);
  ```
</CodeGroup>

## Response Example

```json theme={null}
[
  {
    "id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
    "ui_slot": "UNDER_EMAIL_INPUT",
    "text": "I would like to receive marketing emails about special offers and new products.",
    "html": "I would like to receive marketing emails about special offers and new products.",
    "type": "marketing",
    "explicit": true,
    "required": false,
    "revokable": true,
    "signed": false
  },
  {
    "id": "6ba7b810-9dad-11d1-80b4-00c04fd430c8",
    "ui_slot": "ABOVE_PLACE_ORDER_BUTTON",
    "text": "I agree to the Terms of Service and Privacy Policy.",
    "html": "I agree to the <a href='/terms'>Terms of Service</a> and <a href='/privacy'>Privacy Policy</a>.",
    "type": "terms",
    "explicit": true,
    "required": true,
    "revokable": false,
    "signed": true
  }
]
```

## Default Consent States

When no consents have been configured by the merchant:

* A default marketing consent is provided if `marketing_consent_text` is configured
* The default marketing consent is optional and revokable
* No other consents are created by default

## Error Responses

<ResponseExample>
  ```json theme={null}
  {
    "code": 404,
    "error": "ErrorCartNotFound",
    "description": "Cart does not exist for the specified domain"
  }
  ```
</ResponseExample>

### Common Errors

| Error Code              | Description                  | Resolution                            |
| ----------------------- | ---------------------------- | ------------------------------------- |
| `ErrorCartNotFound`     | Cart does not exist          | Verify cart ID and domain             |
| `ErrorStoreUnavailable` | Store service unavailable    | Retry request                         |
| `MissingAuthHeader`     | Missing authorization header | Include x-firmly-authorization header |
| `InvalidToken`          | Invalid JWT token            | Refresh authentication token          |