Documentation

Record consent events with one API call.

Generate an API key, create an agreement, and send each acceptance event with the user identifier and agreement version you need for audits.

Quick start

1

Generate an API key in dashboard settings.

2

Create an agreement and publish the version you want to enforce.

3

Send `agreement_id` and `user_identifier` to `POST /api/track`.

4

Store the returned `consent_id` for future audits or exports.

Authentication

Use the `X-API-Key` header on every request. Keys are scoped to your organization.

Response shape

The endpoint returns a stable success payload with the saved consent record identifier.

Audit fields

Each consent includes agreement version metadata, timestamps, IP address, and user agent details.

POST /api/track

Record a user consent event for a specific agreement version.

Headers
X-API-Key: ck_live_your_api_key_here
Content-Type: application/json
Request body
{
  "agreement_id": "agr_terms_v3",
  "user_identifier": "user@example.com",
  "metadata": {
    "source": "signup_form",
    "workspace_id": "ws_123"
  }
}
JavaScript example
const response = await fetch("https://api.clickwrap.dev/api/track", {
  method: "POST",
  headers: {
    "X-API-Key": process.env.CLICKWRAP_API_KEY!,
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    agreement_id: "agr_terms_v3",
    user_identifier: user.email,
    metadata: { source: "checkout" }
  })
})

const data = await response.json()
console.log(data.consent_id)

Response

{
  "success": true,
  "consent_id": "cns_01JV5X6A4R",
  "agreement_id": "agr_terms_v3",
  "accepted_at": "2026-03-07T14:22:18Z"
}

Error codes

400

Invalid or missing parameters.

401

Invalid or missing API key.

402

Monthly consent limit exceeded.

404

Agreement not found.

429

Rate limit exceeded.

500

Unexpected server error.