> ## Documentation Index
> Fetch the complete documentation index at: https://docs.databunker.org/llms.txt
> Use this file to discover all available pages before exploring further.

# Create consent by user token

> Stores user consent. The `brief` parameter is a unique consent identifier per user.
Allowed characters: [a-z0-9-], max 64 characters.




## OpenAPI

````yaml /oss/api/openapi.yml post /v1/consent/token/{token}/{brief}
openapi: 3.0.3
info:
  title: Databunker API
  description: >
    Databunker is a super-fast, open-source vault built with Go for secure
    storage of sensitive personal records.


    ## Authentication

    All API requests require authentication using the `X-Bunker-Token` header.
    This token is your root access token.


    ## Content Types

    The API supports the following content types for POST and PUT requests:

    - `application/json`

    - `application/x-www-form-urlencoded`


    ## User Tokens

    Keep the user `{token}` generated by Databunker private, as it serves as an
    additional user identifier.

    Under GDPR, this user token is referred to as a pseudonymized identity.


    For more details, visit: https://databunker.org/
  version: 1.0.0
  contact:
    name: Databunker Support
    url: https://databunker.com
  license:
    name: MIT
    url: https://opensource.org/licenses/MIT
servers:
  - url: http://localhost:3000
    description: Local development server
security:
  - ApiKeyAuth: []
tags:
  - name: User
    description: User personal information management
  - name: User App
    description: Additional user application data
  - name: Session
    description: Secure session storage
  - name: Consent
    description: User consent management
  - name: Agreement
    description: Agreement management
  - name: Request
    description: User privacy requests (GDPR)
  - name: Audit
    description: Audit log access
  - name: Expiration
    description: Data expiration and retention
  - name: System
    description: System administration
paths:
  /v1/consent/token/{token}/{brief}:
    post:
      tags:
        - Consent
      summary: Create consent by user token
      description: >
        Stores user consent. The `brief` parameter is a unique consent
        identifier per user.

        Allowed characters: [a-z0-9-], max 64 characters.
      operationId: createConsentByToken
      parameters:
        - $ref: '#/components/parameters/UserToken'
        - $ref: '#/components/parameters/ConsentBrief'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentCreate'
            examples:
              basic:
                summary: Basic consent
                value:
                  message: Optional long text here
          application/x-www-form-urlencoded:
            schema:
              $ref: '#/components/schemas/ConsentCreate'
      responses:
        '200':
          description: Consent created successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SuccessResponse'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  parameters:
    UserToken:
      name: token
      in: path
      required: true
      description: User token (UUID)
      schema:
        type: string
        format: uuid
      example: db80789b-0ad7-0690-035a-fd2c42531e87
    ConsentBrief:
      name: brief
      in: path
      required: true
      description: Consent brief (unique identifier, max 64 chars)
      schema:
        type: string
        pattern: ^[a-z0-9-]+$
        maxLength: 64
      example: send-sms
  schemas:
    ConsentCreate:
      type: object
      properties:
        status:
          type: string
          enum:
            - accept
            - cancel
          default: accept
          description: Consent status
        message:
          type: string
          description: Text message describing consent
        who:
          type: string
          description: Free text for internal usage
        starttime:
          type: string
          description: >-
            Date & time to automatically enable consent (Unix time or duration
            like '10d')
        endtime:
          type: string
          description: Consent expiration date (Unix time or duration like '1m')
        lawfulbasis:
          type: string
          enum:
            - consent
            - contract-agreement
            - legal-obligations
          default: consent
          description: Legal basis for processing
        module:
          type: string
          default: api
          description: >-
            Module type (e.g., phone-consent, contract, app-consent,
            web-consent, email-consent)
        referencecode:
          type: string
          description: Internal document or contract ID
        lastmodifiedby:
          type: string
          description: Name of person who last modified this record
    SuccessResponse:
      type: object
      required:
        - status
      properties:
        status:
          type: string
          enum:
            - ok
          example: ok
    ErrorResponse:
      type: object
      required:
        - status
        - message
      properties:
        status:
          type: string
          enum:
            - error
          example: error
        message:
          type: string
          description: Error description
  responses:
    BadRequest:
      description: Bad request - invalid input
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            duplicate:
              summary: Duplicate user
              value:
                status: error
                message: user with this email already exists
    Unauthorized:
      description: Unauthorized - invalid or missing token
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            missing:
              summary: Missing token
              value:
                status: error
                message: missing X-Bunker-Token header
    NotFound:
      description: Not found - resource doesn't exist
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ErrorResponse'
          examples:
            notFound:
              summary: User not found
              value:
                status: error
                message: user not found
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: X-Bunker-Token
      description: Root access token for Databunker API

````