Skip to content
HashEntry CMP SDK

Server-to-Server (REST API) Integration

If you are providing custom interfaces (such as an in-app contract screen or a fully custom web consent experience), you can obtain legal consent on your own Backend servers and securely transmit it to HashEntry’s Consent Log system Backend-to-Backend.

Authentication

Section titled “Authentication”

API requests must include the X-API-Key HTTP header with your unique Site’s API key from the HashEntry dashboard.

Section titled “Recording Consent”

It is used to permanently and immutably record actions (cookie consent, contract approval, etc.) defined by the user in your system.

Endpoint: POST https://system.hashentry.com/tool/v1/consents

Required Headers:

Content-Type: application/json
X-API-Key: YOUR_SITE_API_KEY
Section titled “Scenario 1: Custom Cookie Consent Request (JSON)”

If you extracted cookie permissions from your native UI:

{
  "consent_type": "cookie_consent",
  "decision": "accept",
  "document_version_id": "cookie-policy-version-uuid",
  "visitor_region": "us",
  "compliance_framework": "ccpa",
  "metadata": {
    "categories": {
      "necessary": true,
      "analytics": true,
      "marketing": false
    }
  }
}

Scenario 2: Document Approval Request (JSON)

Section titled “Scenario 2: Document Approval Request (JSON)”

Example of a user accepting the Distance Sales Contract before placing an order:

{
  "consent_type": "document_approval",
  "decision": "accept",
  "document_version_id": "terms-of-service-version-uuid",
  "ip_address": "192.168.1.5",
  "user_agent": "Mozilla/5.0 ...",
  "metadata": {
    "order_id": "ORD-54321",
    "customer_no": "CUST-999"
  }
}

Successful Response (201 Created)

Section titled “Successful Response (201 Created)”
{
  "message": "Consent recorded",
  "data": {
    "consent_token": "ct_1234abc...",
    "proof_hash": "sha256:abcd12...",
    "created_at": "2026-03-27T14:00:00+03:00"
  }
}

The returned proof_hash acts as irrefutable cryptographic evidence of the legal consent action.

Advanced Features

Section titled “Advanced Features”
  • Batch Transfers: Submit batched consents via POST /tool/v1/consents/batch to reduce network loads.
  • Active Document Query: Continuously query GET /tool/v1/documents/{slug}/active to keep contract texts updated in real-time.