Skip to main content
Fiskil manages the entire consent flow on your behalf — including authorization screens and an optional consumer consent dashboard. You focus on your product, while Fiskil provides a compliant, secure, and user-friendly consent experience. With Fiskil, you do not need to design or implement consent screens yourself. Instead, you integrate with the hosted consent flow via OAuth2/OIDC. Fiskil then:
  • Displays clear, compliant authorization screens
  • Captures the user’s consent (scopes, duration, accounts)
  • Issues and validates tokens with the correct scopes
  • Provides APIs and Console views for consent metadata
  • Offers an optional consumer dashboard where end users can review or revoke consents
Consents are treated as first-class records in Fiskil. The lifecycle includes:
  1. Creation — A user grants consent during the hosted authorization flow. Requested scopes, purpose, and duration are captured.
  2. Activation — Tokens are issued with the granted scopes.
  3. Review — Consent metadata, history, and associated API activity can be reviewed in the Console or via APIs.
  4. Update — If scopes or duration change, the consent record is updated and new tokens reflect the change.
  5. Revocation/Expiry — Users can withdraw consent at any time via the dashboard, or consents may expire automatically. Tokens are invalidated immediately.

What Fiskil Provides

  • Hosted consent screens — Fully managed, OAuth/OIDC-compliant UI.
  • Consumer dashboard (optional) — A hosted interface where users can view and revoke active consents.
  • Console & APIs — For your teams to inspect consent metadata, history, and associated API calls.
  • Compliance built-in — Consent flows follow global data sharing standards (e.g., CDR, FDX).
  1. Your app initiates OAuth2/OIDC with Fiskil.
  2. The user is redirected to the hosted consent screen (branded with your logo and domain).
  3. The user reviews the requested datasets, purposes, and duration.
  4. The user approves consent; Fiskil records it and issues tokens with the correct scopes.
  5. Your app receives the tokens and uses them to call your Resource Server.
  6. Consent metadata is visible in the Console and accessible via APIs.

Branding and Configuration

You can configure the consent experience without building it yourself:

Compliance and UX Principles

Fiskil implements best practices into every consent flow so you don’t need to build them yourself:
  • Clarity — Show who is requesting access, what data will be shared, and for how long.
  • Least privilege — Third parties request access to only the data they need by specifying scopes.
  • Revocability — Clear withdrawal options during and after consent.
  • Trust — Hosted on your branded domain, avoiding unnecessary third-party redirects.