Enable Audit and Persistent Storage of User Consent

You can enable the recording of user consent in the audit trail (for non-repudiation purposes) and in a dedicated user attribute (to remember the user decision and avoid re-prompting).

  1. Log on to the ActivID Management Console as an ActivID Administrator (for example, ftadmin).

  1. To enable the auditing of consent signatures and storage of consent data, create the following permissions that are required for the System Users administration group:

    • Create External Audit

    • Update User Attribute

    1. Select the Access Administration tab and, under Access Control, select Permission Sets.

    2. Click Add.

    3. Enter a descriptive Name for the permission set (for example, OpenID Consent Permission) and edit the Code if necessary.

    4. From the Permission Type drop-down list, select Predefined.

    5. From the Resource Type drop-down list, select Admin Group.

  1. Assign the Permission Set to the System Users group:

    1. Select the Access Administration tab and, under User Organization, select Administration Groups.

    2. Click on the name of the System Users group.

    3. Select the Permissions tab, and go to the Predefined section.

    4. Click Assign for the OpenID consent permission set to assign it to the group.

    5. Click Ok to apply the settings.

Note: If these permissions are not assigned, audit records will not be created, the consent will not be stored, and the end user will be prompted to sign the consent at each authentication. In addition, errors will only be logged, but not generated.