Method: consentStores.checkDataAccess

Full name: projects.locations.datasets.consentStores.checkDataAccess

Checks if a particular dataId of a User data mapping in the specified consent store is consented for the specified use.

HTTP request

POST https://healthcare.googleapis.com/v1beta1/{consentStore=projects/*/locations/*/datasets/*/consentStores/*}:checkDataAccess

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters

Parameters
`consentStore`	`string` Required. Name of the consent store where the requested dataId is stored, of the form `projects/{projectId}/locations/{locationId}/datasets/{datasetId}/consentStores/{consentStoreId}`. Authorization requires the following IAM permission on the specified resource `consentStore`: `healthcare.consentStores.checkDataAccess`

consentStore

string

Required. Name of the consent store where the requested dataId is stored, of the form projects/{projectId}/locations/{locationId}/datasets/{datasetId}/consentStores/{consentStoreId}.

Authorization requires the following IAM permission on the specified resource consentStore:

healthcare.consentStores.checkDataAccess

Request body

The request body contains data with the following structure:

JSON representation

JSON representation
{ "dataId": string, "requestAttributes": { string: string, ... }, "responseView": enum(`ResponseView`), // Union field `consent_selection` can be only one of the following: "consentList": { object(`ConsentList`) } // End of list of possible types for union field `consent_selection`. }

{
  "dataId": string,
  "requestAttributes": {
    string: string,
    ...
  },
  "responseView": enum(ResponseView),

  // Union field consent_selection can be only one of the following:
  "consentList": {
    object(ConsentList)
  }
  // End of list of possible types for union field consent_selection.
}

Fields
`dataId`	`string` Required. The unique identifier of the resource to check access for. This identifier must correspond to a User data mapping in the given consent store.
`requestAttributes`	`map (key: string, value: string)` The values of request attributes associated with this access request. An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.
`responseView`	`enum(ResponseView)` Optional. The view for `CheckDataAccessResponse`. If unspecified, defaults to `BASIC` and returns `consented` as `TRUE` or `FALSE`.
Union field `consent_selection`. The selection of `Consents` to evaluate the access request against. If no selection is specified, the access request is evaluated against all `ACTIVE` unexpired Consents with the same `user_id` as the data to check access for. `consent_selection` can be only one of the following:
`consentList`	`object(ConsentList)` Optional. Specific `Consents` to evaluate the access request against. These Consents must have the same `userId` as the evaluated User data mapping, must exist in the current `consentStore`, and have a `state` of either `ACTIVE` or `DRAFT`. A maximum of 100 Consents can be provided here. If no selection is specified, the access request is evaluated against all `ACTIVE` unexpired Consents with the same `userId` as the evaluated User data mapping.

Response body

Checks if a particular dataId of a User data mapping in the given consent store is consented for a given use.

If successful, the response body contains data with the following structure:

JSON representation
{ "consented": boolean, "consentDetails": { string: { object(`ConsentEvaluation`) }, ... } }

Fields

Fields
`consented`	`boolean` Whether the requested resource is consented for the given use.
`consentDetails`	`map (key: string, value: object(ConsentEvaluation))` The resource names of all evaluated `Consents` mapped to their evaluation. An object containing a list of `"key": value` pairs. Example: `{ "name": "wrench", "mass": "1.3kg", "count": "3" }`.

consented

boolean

Whether the requested resource is consented for the given use.

consentDetails

map (key: string, value: object(ConsentEvaluation))

The resource names of all evaluated Consents mapped to their evaluation.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

Authorization scopes

Requires one of the following OAuth scopes:

https://www.googleapis.com/auth/cloud-healthcare
https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

ResponseView

The supported views for CheckDataAccessResponse.

Enums
`RESPONSE_VIEW_UNSPECIFIED`	No response view specified. The API will default to the BASIC view.
`BASIC`	Only the `consented` field is populated in `CheckDataAccessResponse`.
`FULL`	All fields within `CheckDataAccessResponse` are populated. When set to `FULL`, all `ACTIVE` Consents are evaluated even if a matching policy is found during evaluation.