When a client asks for access to some scopes/protected resource and a user has not been given consent to the scopes yet, he will be asked to give consent. The consent module supports the following functionality:
- Allows a user to give consent to what claims should be issued to an Service Provider
- Allows a user to revoke consent he has given before.
There will be a consent page that turns up just after logging in. The display logic is: It only turns up IF (((there actually exist consent claim sets related to the Protocol Connection) OR (there exists Scopes related to the Protocol Connection)) AND ((User‘s “Remember Consent” on the Protocol Connection is False) OR (the setting “Remember Consent” on the Protocol Connection is False))).
When the setting “Remember Consent” on the Protocol Connection is True, a check box will appear on the consent box saying “This consent also applies to my future login to this site.”
If the user does not exist in the Identify User Storage, then this check box is never shown on the consent page.
In addition, when a user goes to a consent page that he has visited before, his earlier consent options (if such exist) will be loaded as defaults.
The Continue button will only be activated if all required claim sets and scopes have been agreed to.
Currently, all Protocol Connections support this consent page.