EasyConsent
Docs Log in Try for free
← Documentation

API Reference

Public REST API used by the EasyConsent JavaScript widget.

Base URL

https://easyconsent.eu/api/widget/{uuid}

Replace {uuid} with your widget's unique identifier, found in your dashboard under each widget.

Authentication

These endpoints are public and do not require authentication. They are rate-limited per widget UUID to prevent abuse.

GET /api/widget/{uuid}/config

Returns the widget configuration including styles, enabled features and cookie categories.

Response

200 OK — application/json

{
  "uuid": "99291220-91bf-4830-9cc5-7e21471ac94c",
  "domain": "example.com",
  "status": "active",
  "show_decline_button": true,
  "auto_block_scripts": false,
  "cookie_expiry_days": 365,
  "privacy_policy_url": "https://example.com/privacy",
  "cookie_policy_url": "https://example.com/cookies",
  "google_consent_mode": true,
  "style": {
    "primary_color": "#5fa884",
    "secondary_color": "#2c5f87",
    "background_color": "#ffffff",
    "text_color": "#1b1b18",
    "button_text_color": "#ffffff",
    "font_family": "Inter",
    "font_size": 14,
    "border_radius": 8,
    "position": "bottom",
    "show_shadow": true
  },
  "categories": [
    { "id": 1, "slug": "necessary",  "required": true  },
    { "id": 2, "slug": "functional", "required": false },
    { "id": 3, "slug": "analytics",  "required": false },
    { "id": 4, "slug": "marketing",  "required": false }
  ]
}

Error responses

Status Meaning
404 Widget not found or not active
GET /api/widget/{uuid}/translations/{locale}

Returns UI strings for the specified locale. The widget calls this automatically using the visitor's browser language.

Path parameters

Parameter Values
locale en, es, de, fr, it, sv, da, no, fi

Response

200 OK — application/json

{
  "locale": "en",
  "title": "We use cookies",
  "description": "We use cookies to improve your experience.",
  "accept_all": "Accept all",
  "decline_all": "Decline",
  "customize": "Customize",
  "save_preferences": "Save preferences",
  "necessary_title": "Necessary",
  "necessary_description": "Required for the website to function.",
  "functional_title": "Functional",
  "functional_description": "Remember your preferences.",
  "analytics_title": "Analytics",
  "analytics_description": "Help us understand how visitors use the site.",
  "marketing_title": "Marketing",
  "marketing_description": "Used to show relevant advertisements."
}
POST /api/widget/{uuid}/consent

Logs a consent action. Called automatically by the widget when a visitor accepts, declines or saves preferences. This is the audit log endpoint required for GDPR compliance.

Request body

application/json

{
  "action": "accept",
  "categories": [1, 2, 3, 4],
  "page_url": "https://example.com/about",
  "language": "en"
}

Fields

Field Type Values
action string accept, decline, customize
categories array of integers IDs of accepted categories
page_url string (URL) Full URL where consent was given
language string en, es, de, fr, it, sv, da, no, fi

Response

201 Created — application/json

{
  "success": true,
  "log_id": 1042
}

Error responses

Status Meaning
422 Validation error — check field formats
404 Widget not found or not active
429 Rate limit exceeded

CORS

All /api/widget/* endpoints have CORS enabled for all origins, as they are designed to be called from any domain where the widget is installed.