Enhance user profiles with consent and communication preferences
Ensure your organization is compliant with privacy regulations while honoring customer choices with OneTrust PreferenceChoice™ and Auth0.
Operationalize Your Privacy, Security and Third-Party Risk Programs. OneTrust products work together to give you the automation, workflows and record keeping you need to comply with GDPR, CCPA, ISO 270001 and hundreds of the world’s privacy and security laws.
Add Consent Data to Your User Profiles
Enrich user profiles with opt-ins, cookie consent, subscriptions, marketing/sales consent, communication preferences and more to ensure customer choices are honored throughout marketing systems.
Automate Compliance with Privacy Regulations
Comply with privacy regulations (like the GDPR and CCPA) by collecting consent and preferences through web forms, cookie banners, at events, event registrations and more.
Infuse Transparency in Your User Experiences
Utilize SSO, MFA and other Auth0 features to enable access to dynamic preference centers tailored to each user, empowering your audience with consent and preferences choices and transparent view of their personal data and how it’s utilized.
This integration sends Auth0 user emails to a OneTrust Collection Point during login. This will trigger the creation of a magic link token in OneTrust, which can be requested by your applications.
Pre-Requisites and Assumptions:
- An active Auth0 account (you can sign up for free here)
- Access to the OneTrust administration console
- Email as the primary identifier used to register a new user
Create a Collection Point in OneTrust
First, create and define a Collection Point in OneTrust (registration required).
As part of the setup, make sure to specify an Email data element that will be used to link the OneTrust Data Subject/Consumers Profile and the Auth0 user. Once the Collection Point is published:
- Click on the Custom API tab
- Copy your API URL, API Token, and the
Idfor the Collection Point's Purpose in the Expected Paylod section
Add the Auth0 Rule
Please note: Clicking any of the 3 buttons on the Edit Rule screen will save and activate the Rule. When initially installed, the Rule will be skipped until the required configuration (explained below) is added.
- Click Add Integration at the top of this page
- Click Save Changes to activate this integration
For information on testing and debugging Rules, please see our documentation.
Add the Auth0 Rule Configuration
Please note: Once marked the required configuration below is added, all logins for your tenant will be processed by this Rule. Please make sure all components have been configured correctly and verified on a test tenant before activating the integration in production.
Click Back to Rules to get to the main Rules screen.
Scroll down to the Settings section.
Add the following keys (more about Rules configuration here):
ONETRUST_REQUEST_INFORMATION: Your OneTrust Collection Point API Token
ONETRUST_CONSENT_API_URL: Your OneTrust Collection Point API URL
ONETRUST_PURPOSE_ID: Your OneTrust Collection Point Purpose ID
ONETRUST_SKIP_IF_NO_EMAIL: If set to "true" then the Rule will skip if there is no email address. Otherwise the Rule will fail with an error.
Once the user has been recorded on the OneTrust Collection Point, any of your applications can reach out to OneTrust to get a magic link to their Consent Center.