IPassportManager::HaveConsent
.jpg)
IPassportManager::HaveConsent
Determines whether a user is subject to consent and has consent, based on the contents of the Consent cookie and the BDay_precision and Flags attributes of the Profile.
This method is generally only relevant if the site is implementing and using the Microsoft® Kids Passport service.
Syntax
HRESULT HaveConsent( VARIANT_BOOL bNeedFullConsent, VARIANT_BOOL bNeedBirthdate, VARIANT_BOOL* pbHaveConsent );
Parameters
- bNeedFullConsent
[in] A VARIANT (should be VT_BOOL) determining whether a full consent status is required. If bNeedFullConsent is TRUE, then pbHaveConsent returns TRUE only if the user has full consent for the site. If bNeedFullConsent is FALSE, then pbHaveConsent returns TRUE if the user has either full or limited consent for the site.
- bNeedBirthdate
[in] A VARIANT (should be VT_BOOL) determining whether the BDay_precision attribute value in the Profile should be checked also. If bNeedBirthdate is TRUE, then pbHaveConsent returns FALSE if BDay_precision is 0 (no birth date specified) or 3 (legacy in which only 'under 18' is specified). If bNeedBirthdate is FALSE, then the value of BDay_precision is ignored, and the value returned in pbHaveConsent depends only on whether the Profile meets the level of consent requested with bNeedFullConsent.
- pbHaveConsent
[out, retval] Pointer to a VARIANT (should be VT_BOOL), which gives consent status for the user on the site. TRUE means the user has consent and may continue, or was not subject to consent. FALSE means the user is subject to consent, and does not have consent.
Return values
Returns one of the following values:
S_OK Success. E_POINTER pbHaveConsent was NULL pointer.
Remarks
HaveConsent is used to determine consent on a site for compliance with children's privacy laws, such as the Children's Online Privacy Protection Act (COPPA). For Kids Passport sites, consent status is stored either in the Profile or Consent cookie, depending on the setting of the Consent Cookie Domain field in the Passport Manager Administration utility. The results of the HaveConsent method are determined from the consent values in these cookies. The Consent cookie (and possibly the attributes in the Profile cookie) are checked to determine the results of this method. Users who do not have consent should be handled according to your site's children's privacy laws compliance policy. This means that areas of your site subject to consent should not authenticate users who do not have consent. Those users can potentially be redirected to the Kids Passport site to obtain consent.
Full consent indicates that the Microsoft® .NET Passport domain authority or participating site may both use and share personal information, such as name or e-mail address. Limited consent indicates that the .NET Passport domain authority or participating site may use such information, but may not share it with other sites or business entities.
There are some rare cases in which users who have been specifically directed to the Login server with KPP=2 or 3 can be returned to your site with a Profile but do not necessarily have consent. These include certain specialized client cases, such as MSN TV users, or cases in which the user directed to the Login server actually ended up registering for a new .NET Passport and was then returned to your site. For this reason, HaveConsent should always be used on every Kids Passport protected page to verify consent. Do not rely on the fact that your site always specifies KPP=2 or 3 in authentication calls and redirects to the Login server.
See Also
IPassportManager Interface | Kids Passport Overview | BDay_precision | Kids Passport Implementation Process | Checking for Consent