API

Usage

The Didomi Web SDK exposes a complete API on the page via JavaScript for interacting with the Didomi platform. This allows your scripts to programmatically interact with the Didomi SDK. You can check the user consent status, register consents that you would collect yourself, and show/hide the Didomi UI.

Didomi ready

The API is exposed on the window.Didomi object. All calls to the Didomi API (except for the standard IAB __cmp function) must be enclosed within a window.didomiOnReady callback to ensure that the SDK is ready before calling it:

Plain Javascript
React
<script type="text/javascript">
window.didomiOnReady = window.didomiOnReady || [];
window.didomiOnReady.push(function (Didomi) {
// Call other functions on the SDK
});
</script>
onDidomiReady(didomi) {
console.log('Didomi Ready');
// Call other functions on the SDK
}
...
<DidomiSDK
...
onReady={this.onDidomiReady.bind(this)}
/>

postMessage API

If your JavaScript is not directly present on the page where the Didomi Web SDK is embedded but is present within an iframe on that page, you can communicate with the Didomi Web SDK through the postMessage API of the browser.

Messages structure

The Didomi API is exposed with the same structure as the IAB CMP API.

The message to send should have the below form where:

  • command is the name of the function on the window.Didomi object to call

  • parameter is an array of parameters passed to the function called on the window.Didomi object

  • callId is a unique value that will be sent back with the response from Didomi, allowing you to identify what call the response is for

window.parent.postMessage({
__cmpCall:
{
command: "*command*",
parameter: [param1, param2, ...],
callId: *uniqueId*
}
}, "*");

The Didomi Web SDK will send back the message below to your frame with the postMessage API containing a response for your command where:

  • returnValue is the value returned by the API function called

  • success is a boolean flag indicating whether the call was successful or not

  • callId is the unique value provided as callId in your original message

{
__cmpReturn:
{
returnValue: *returnValue*,
success: *boolean*,
callId: *uniqueId*
}
}

Here is a complete example for calling a function of the API and collecting the response:

window.addEventListener(
"message",
function (event) {
try {
var data = typeof event.data === "string" ? JSON.parse(event.data) : event.data;
if (data && data.__cmpReturn) {
// data.__cmpReturn contains the response from the CMP
if (data.__cmpReturn.callId === "get-user-consent-status-for-google") {
// This is the response to our call for getting the consent status for Google
// The status is in data.__cmpReturn.returnValue
// Do something
}
}
} catch(e) {
// An error happened when decoding the message data
// Most likely, the message wasn't related to the CMP so do nothing
}
},
false
);
window.parent.postMessage({
__cmpCall:
{
command: "getUserConsentStatusForVendor",
parameter: ["google"],
callId: "get-user-consent-status-for-google"
}
}, "*");

Determining the frame containing the Didomi CMP

The frame to send the postMessage to can be determined by the ancestor with a .frames["cmpLocator"] child iframe present.

If your code runs in a direct iframe of the page containing the window.Didomi object then you can simply use window.parent as the reference to send messages to.

If your code might run multiple levels removed from the frame containing the window.Didomi object, you can search for the correct frame to send a message to with the following code:

var f = window;
var cmpFrame;
while(!cmpFrame) {
try {
if(f.frames["__cmpLocator"]) cmpFrame = f;
} catch(e) {}
if(f === window.top) break;
f = f.parent;
}

Functions

__cmp(command, parameter, callback)

Didomi is fully compliant with the CMP API from the IAB Transparency and Consent framework. We expose a __cmp function and listen to postMessage events as per the specification.

Example (getting the IAB consent string):

__cmp('getConsentData', null, function (result) {
// The IAB consent string is available in the `consentData` property of the object
console.log(result.consentData);
});

Read more on the IAB documentation.

getExperiment()

Get the currently configured AB test (experiment) and the user information for that test.

Parameters

No parameter.

Returns

An object with the following properties:

Name

Type

Description

id

string

ID of the experiment as configured in your tag

group

string

Group that the user is assigned to for the experiment

control if the user is part of the control group

test if the user is part of the test group

null if the user is not part of the experiment

size

number

Size of the test group (number between 0 and 1)

startDate

string

Start date of the test as ISO 8601 with millisecond precision

Example

{
"id": "experiment-id",
"group": "control",
"size": 0.1,
"startDate": "2019-03-06T23:38:50.000Z"
}

getObservableOnUserConsentStatusForVendor(vendorId)

Get an observable on the consent status of a specific vendor. By subscribing to the observable, you can define a function that gets called whenever the consent status of a specific vendor changes. It also allows you to filter for specific types of updates so that you can react to certain events only. It is an alternative to listening to the consent.changed event that helps in dealing with vendor-specific operations.

This is commonly used to observe the consent status for a vendor to decide when to load/enable the vendor on a page.

Parameters

Name

Type

Description

vendor

string

The ID of vendor that to check the user consent for. If you are checking an IAB vendor, use an integer instead of a string. Custom vendor IDs must be prefixed with c:.

Returns

Observable on the consent status of the vendor.

The observable is not a real RxJS observable and only supports the following operators: distinctUntilChanged, filter and first. These operators behave the same as in RxJS.

Examples:

Example 1 - Get all updates to the consent status for a vendor

With this structure, your function gets called when the user gets on the page and every time the consent status of the user changes.

Didomi.getObservableOnUserConsentStatusForVendor('vendor-id')
.subscribe(function (consentStatus) {
if (consentStatus === undefined) {
// The consent status for the vendor is unknown
} else if (consentStatus === true) {
// The user has given consent to the vendor
} else if (consentStatus === false) {
// The user has denied consent to the vendor
}
});

Example 2 - Get updates when the consent status is true or false

With this structure, your function only gets called after the user has given consent information. It could be on page load if the user had already given consent on a previous page or every time the user interacts with the Didomi widgets to change their consent information. When the consent status is unknown, your function does not get called.

Didomi.getObservableOnUserConsentStatusForVendor('vendor-id')
.filter(function (status) { return status !== undefined })
.subscribe(function (consentStatus) {
if (consentStatus === undefined) {
// The consent status for the vendor is unknown
} else if (consentStatus === true) {
// The user has given consent to the vendor
} else if (consentStatus === false) {
// The user has denied consent to the vendor
}
});

Example 3 - Get the first update to the consent status of the vendor

With this structure, your function gets called exactly once with the first available consent status. If the user has not given consent yet, your function will get called with undefined. If the user has already given consent, your function will get called with the consent status from the user.

Didomi.getObservableOnUserConsentStatusForVendor('vendor-id')
.first()
.subscribe(function (consentStatus) {
if (consentStatus === undefined) {
// The consent status for the vendor is unknown
} else if (consentStatus === true) {
// The user has given consent to the vendor
} else if (consentStatus === false) {
// The user has denied consent to the vendor
}
});

Example 4 - Get the first true or false update to the consent status of the vendor

With this structure, your function gets called exactly once when the consent status becomes available. If the user has not given consent yet, your function will only be called after the user has given consent. If the user has already given consent, your function will immediately get called with the consent status from the user. Your function will never get called with undefined.

Didomi.getObservableOnUserConsentStatusForVendor('vendor-id')
.first()
.filter(function(status) { return status !== undefined; })
.subscribe(function (consentStatus) {
if (consentStatus === true) {
// The user has given consent to the vendor
} else if (consentStatus === false) {
// The user has denied consent to the vendor
}
});

getRequiredPurposeIds

Get the list of purpose IDs that are configured for the consent notice and that consent is collected for.

Parameters

No parameter.

Returns

An array of purpose IDs.

Example

// Returns ['cookies']
Didomi.getRequiredPurposeIds();

getRequiredVendorIds

Get the list of vendor IDs that are configured for the consent notice and that consent is collected for.

Parameters

No parameter.

Returns

An array of vendor IDs.

Example

// Returns ['google']
Didomi.getRequiredVendorIds();

getUserConsentStatus(purpose, vendor)

Check if the current user has given consent for a specific purpose and vendor.

Parameters

Name

Type

Description

purpose

string

The purpose that we are checking the user consent for (example: cookies)

vendor

string

The ID of vendor that to check the user consent for. If you are checking an IAB vendor, use an integer instead of a string. Custom vendor IDs must be prefixed with c:.

Returns

A boolean that indicates if the user has given consent or not.

If you do not apply GDPR to all your visitors, this function will return undefined for visitors that are not subject to GDPR. Use isConsentRequired() to determine whether you can ignore the consent status or not.

Example

// IAB vendors
Didomi.getUserConsentStatus(Didomi.Purposes.Cookies, '1');
// Didomi vendors
Didomi.getUserConsentStatus(Didomi.Purposes.Cookies, 'vendor-id');
// Custom vendors
Didomi.getUserConsentStatus(Didomi.Purposes.Cookies, 'c:custom-vendor-id');

getUserConsentStatusForAll()

Get the user consent status for all the purposes and vendors.

Parameters

No parameter.

Returns

An object with all the consent given by the user:

{
"purposes": {
"enabled": ['cookies'],
"disabled": ['analytics'],
},
"vendors": {
"enabled": [1, 2, 3],
"disabled": [4, 5],
}
}

If you do not apply GDPR to all your visitors, this function will return empty arrays for visitors that are not subject to GDPR. Use isConsentRequired() to determine whether you can ignore the consent status or not.

Example

Didomi.getUserConsentStatusForAll();

getUserConsentStatusForPurpose(purposeId)

Get the user consent status for a given purpose.

Parameters

Name

Type

Description

purposeId

string

The ID of purpose that to check the user consent for.

Returns

A boolean that indicates if the user has given consent or not to the specific purpose.

undefined is returned if the consent status is not known yet. From a GDPR perspective, you'll want to treat undefined as false (ie no consent given) but it is helpful to know that the user has not interacted with the consent UI yet so that you can subscribe to events and wait for consent information to be collected.

If you do not apply GDPR to all your visitors, this function will return undefined for visitors that are not subject to GDPR. Use isConsentRequired() to determine whether you can ignore the consent status or not.

Example

Didomi.getUserConsentStatusForPurpose('cookies');

getUserConsentStatusForVendor(vendor)

Get the user consent status for a given vendor. We use the list of purposes declared for the vendor to make sure that it has consent for all of them. The required purposes are automatically setup for IAB or Didomi vendors and you must specify the required purposes for your custom vendors when configuring the tag.

Parameters

Name

Type

Description

vendor

string

The ID of vendor that to check the user consent for. If you are checking an IAB vendor, use an integer instead of a string. Custom vendor IDs must be prefixed with c:.

Returns

A boolean that indicates if the user has given consent or not to the specific vendor and all the purposes that require consent for that vendor.

undefined is returned if the consent status is not known yet. From a GDPR perspective, you'll want to treat undefined as false (ie no consent given) but it is helpful to know that the user has not interacted with the consent UI yet so that you can subscribe to events and wait for consent information to be collected.

If you do not apply GDPR to all your visitors, this function will return undefined for visitors that are not subject to GDPR. Use isConsentRequired() to determine whether you can ignore the consent status or not.

Example

// IAB vendors
Didomi.getUserConsentStatusForVendor('1');
// Didomi vendors
Didomi.getUserConsentStatusForVendor('vendor-id');
// Custom vendors
Didomi.getUserConsentStatusForVendor('c:custom-vendor-id');

isConsentRequired()

Determine if consent is required for the user based on two rules:

  • You are an EU company and collect consent for all visitors. In that case, consent is always required.

  • You are not an EU company and you only need to collect consent for EU visitors (see Country and GDPR for more information). In this case, we use the geolocation of the user to determine whether GDPR applies or not. For instance, a user in France or Germany will require consent (under the GDPR) whereas a user in the United States will not.

If you do not apply GDPR to all your visitors, you should call this function to determine whether you need to condition the loading of vendors or not.

Parameters

No parameter.

Returns

Boolean

Example

Didomi.isConsentRequired();

isUserConsentStatusPartial()

Determine if all consent information is available for the user.

This function returns true if and only if:

  • Consent is required for the user (ie the user is in the EU or your tag is configured to apply GDPR to all users)

  • At least one vendor is configured (if there is no vendor configured, this function always returns false as there is no consent to collect)

  • We are missing consent information for at least one vendor or purpose.

  • The consent re-collection window as configured in your tag has expired.

If there is at least one piece of consent information missing for a single vendor/purpose, this function will return true. The consent notice is usually displayed when this function returns true although there is no guarantee of the direct mapping between the two.

An important edge case is when you add new vendors or if configured vendors ask for new purposes: the consent notice will be displayed again and this function will return true until the user has given or denied consent. Vendors that already had consent before will still operate normally as we only recollect consent for additional vendors/purposes.

Parameters

No parameter.

Returns

Boolean

Example

Didomi.isUserConsentStatusPartial();

notice.isVisible()

Check if the consent notice is currently displayed.

Parameters

No parameter.

Returns

Boolean

Example

Didomi.notice.isVisible();

openTransaction()

Allow you to easily enable/disable a purpose/vendor from the existing consents. It uses setUserConsentStatusForAll under the hood but let you enable/disable a purpose/vendor one by one.

Parameters

No parameter.

Returns

a Transaction object that contain the current consents. You can then modify them with the functions below.

Example

const transaction = Didomi.openTransaction();
// enable a purpose
transaction.enablePurpose('cookies');
// enable purposes
transaction.enablePurposes('cookies', 'analytics');
// disable a purpose
transaction.disablePurpose('analytics');
// disable purposes
transaction.disablePurposes('cookies', 'analytics');
// enable a vendor
transaction.enableVendor(1);
// enable vendors
transaction.enableVendors(2, 3);
// disable a vendor
transaction.disableVendor(2);
// disable vendors
transaction.disableVendors(2, 3);
// Save and set the token/cookie with the new values
transaction.commit();

preferences.show(view)

Show the preferences manager. This can be used to allow the user to update their consent choices after the notice has been closed. We suggest adding a link with this function call somewhere on your website.

Parameters

Name

Type

Description

view

string

The view you want to open.

Possible options: information, purposes and vendors. (information will only work if you enabled the information view.)

This parameter is optional. If it is not provided, it will display the purposes view or the information view if information is enabled.

Returns

Nothing

Example

Didomi.preferences.show('purposes');

reset()

Reset all the consent information for the current user and assign a new user ID. This will remove all cookies created by Didomi and will trigger re-collection of consent. The consent notice will be displayed again.

Parameters

No parameter.

Returns

Nothing

Example

Didomi.reset();

setUserAgreeToAll()

Report that the user has given consent to all purposes and vendors setup for your website programmatically. This function will log the consent on our platform and close the banner.

Parameters

No parameter.

Returns

Nothing

Example

Didomi.setUserAgreeToAll();

setUserDisagreeToAll()

Report that the user has denied consent to all purposes and vendors setup for your website programmatically. This function will log the consent information on our platform and close the banner.

Parameters

No parameter.

Returns

Nothing

Example

Didomi.setUserDisagreeToAll();

setUserConsentStatusForAll(enabledPurposes, disabledPurposes, enabledVendors, disabledVendors)

Set the user consent status for all the purposes and vendors. You need to pass the full list of enabled/disabled purposes/vendors as it will override the previous consents. To get that list, you can use Didomi.getUserConsentStatusForAll()

Parameters

Name

Type

Description

enabledPurposes

array

The list of IDs of enabled purposes

disabledPurposes

array

The list of IDs of disabled purposes

enabledVendors

array

The list of IDs of enabled vendors

disabledVendors

array

The list of IDs of disabled vendors

Returns

Nothing

Example

Didomi.setUserConsentStatusForAll(
['cookies'],
['analytics'],
[1,2,3],
[4,5],
);

shouldConsentBeCollected()

Determine if consent should be collected for the visitor. Returns true if consent is required for the current user and one of following two conditions is met:

  • Consent has never been collected for this visitor yet

  • New consents should be collected (as new vendors have been added) AND the number of days before recollecting them has exceeded

If none of these two conditions is met, the function returns false. This function is mainly present to allow you to know when to display your own notice if you have disabled our standard notice.

Parameters

No parameter.

Returns

Boolean

Example

Didomi.shouldConsentBeCollected()