Note: User data mappings are indexed asynchronously, which can cause a slight delay between the time mappings are created or updated and when they are included in consentStores.evaluateUserConsents results.
HTTP request
POST https://healthcare.googleapis.com/v1beta1/{consentStore=projects/*/locations/*/datasets/*/consentStores/*}:evaluateUserConsents
Required. Name of the consent store to retrieve User data mappings from.
Authorization requires the following IAM permission on the specified resource consentStore:
healthcare.consentStores.evaluateUserConsents
Request body
The request body contains data with the following structure:
JSON representation
{"userId": string,"resourceAttributes": {string: string,...},"requestAttributes": {string: string,...},"responseView": enum(ResponseView),"pageSize": integer,"pageToken": string,// Union field consent_selection can be only one of the following:"consentList": {object(ConsentList)}// End of list of possible types for union field consent_selection.}
Fields
userId
string
Required. User ID to evaluate consents for.
resourceAttributes
map (key: string, value: string)
Optional. The values of resource attributes associated with the resources being requested. If no values are specified, then all resources are queried.
An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
requestAttributes
map (key: string, value: string)
Required. The values of request attributes associated with this access request.
An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
Optional. Specific Consents to evaluate the access request against. These Consents must have the same userId as the User data mappings being evalauted, must exist in the current consentStore, and must have a state of either ACTIVE or DRAFT. A maximum of 100 Consents can be provided here. If unspecified, all ACTIVE unexpired Consents in the current consentStore will be evaluated.
Response body
If successful, the response body contains data with the following structure:
No response view specified. The API will default to the BASIC view.
BASIC
Only the dataId and consented fields are populated in the response.
FULL
All fields within the response are populated. When set to FULL, all ACTIVE Consents are evaluated even if a matching policy is found during evaluation.
Result
The consent evaluation result for a single dataId.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-06-27 UTC."],[[["\u003cp\u003eThis API endpoint \u003ccode\u003eprojects.locations.datasets.consentStores.evaluateUserConsents\u003c/code\u003e evaluates a user's consents against their data mappings within a specified consent store.\u003c/p\u003e\n"],["\u003cp\u003eUser data mappings are indexed asynchronously, potentially causing a slight delay before they are reflected in the \u003ccode\u003eevaluateUserConsents\u003c/code\u003e results.\u003c/p\u003e\n"],["\u003cp\u003eThe evaluation process requires a \u003ccode\u003euserId\u003c/code\u003e and \u003ccode\u003erequestAttributes\u003c/code\u003e and optionally allows for specifying \u003ccode\u003eresourceAttributes\u003c/code\u003e, \u003ccode\u003eresponseView\u003c/code\u003e, \u003ccode\u003epageSize\u003c/code\u003e, and a \u003ccode\u003epageToken\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe response provides a list of \u003ccode\u003eresults\u003c/code\u003e, each containing a \u003ccode\u003edataId\u003c/code\u003e, a \u003ccode\u003econsented\u003c/code\u003e boolean, and \u003ccode\u003econsentDetails\u003c/code\u003e, as well as a \u003ccode\u003enextPageToken\u003c/code\u003e for pagination if applicable.\u003c/p\u003e\n"],["\u003cp\u003eThe request to this endpoint uses the HTTP POST method, and consent store evaluation requires \u003ccode\u003ehealthcare.consentStores.evaluateUserConsents\u003c/code\u003e IAM permission on the specified resource.\u003c/p\u003e\n"]]],[],null,["# Method: consentStores.evaluateUserConsents\n\n**Full name**: projects.locations.datasets.consentStores.evaluateUserConsents\n\nEvaluates the user's [Consents](/healthcare-api/docs/reference/rest/v1beta1/projects.locations.datasets.consentStores.consents#Consent) for all matching [User data mappings](/healthcare-api/docs/reference/rest/v1beta1/projects.locations.datasets.consentStores.userDataMappings#UserDataMapping).\n\nNote: User data mappings are indexed asynchronously, which can cause a slight delay between the time mappings are created or updated and when they are included in consentStores.evaluateUserConsents results.\n\n### HTTP request\n\n`POST https://healthcare.googleapis.com/v1beta1/{consentStore=projects/*/locations/*/datasets/*/consentStores/*}:evaluateUserConsents`\n\nThe URL uses [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains data with the following structure:\n\n### Authorization scopes\n\nRequires one of the following OAuth scopes:\n\n- `https://www.googleapis.com/auth/cloud-healthcare`\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp).\n\nResponseView\n------------\n\nThe supported views for [EvaluateUserConsentsResponse](/healthcare-api/docs/reference/rest/v1beta1/projects.locations.datasets.consentStores/evaluateUserConsents#body.EvaluateUserConsentsResponse).\n\nResult\n------\n\nThe consent evaluation result for a single `dataId`."]]
