Third-party consents
Description of third-party application consents
Concept
Cloudentity Authorization Control Plane (ACP) gives the users control over their data shared with third-party applications. Whenever a third-party application requests user’s data, a user’s consent is required.
Features
Since ACP focuses on the user privacy and the compliance with privacy regulations, it strives to ensure that consents are as informative and unambiguous as possible.
The users are clearly informed about scopes of consents. They also learn about consequences of sharing any data, third-party privacy policies, and transparency regarding each data elements shared.
Consents and policies
Authorization policy checks allow to request the user to perform an additional authorization before granting the consent with a scope (for example, two-factor authentication). It enables the user to make conscious decisions and improve the quality of consents.
Note
ACP allows to opt out from granting specific consent scopes by default for global user consents in the privacy checkup. It can be configured with an authorization policy per consent scope.
Monitoring consents
In the ACP user portal, the end user can view and control all consents given to third-party applications to access their data.