DocCheck Login documentation
K

# Personal, scopes & consent

Overview

This chapter explains how scopes are requested, how the consent form works, and how personal data (Personal) is provided after consent.

# Scopes

  • Purpose: define which data is retrievable after consent.
  • Selection: per login client in the button configurator.
  • Economy: unique_id, profession, country, language.
  • Business (extended): also name, email, address, occupation_detail (discipline/activity).
  • Return values: see User data return values.

Implementation note

DocCheck only supports scopes that are defined and documented by DocCheck. Custom or deviating scope names are not processed.

  • Per login client, shown during the login flow.
  • Required: privacy policy URL.
  • Optional: additional note (e.g., data usage purpose).
  • Mandatory scopes: cannot be deselected; users still consent/decline as a whole.
  • Detailed setup: Configure the consent form.

# Data retrieval (OAuth2)

# Personal (Business only)

  • Description: personal data after user consent for CRM/process integration.
  • Retrieval: via user data endpoint according to granted scopes.

# Notes

  • Only data that was configured and consented to is provided.
  • Use scopes consistently with your privacy policy.
  • For state passthrough and target selection, see Redirect & State flow.

# Unique_ID (system scope)

  • unique_id is available as a selectable scope starting with the Economy license in the Button Configurator.
  • It is not displayed in the consent form and is not explicitly consented; no separate consent is required.
  • You decide whether to use unique_id for correlation (e.g., pseudonymous linking).
  • Retrieve it via the User data endpoint; see field details under User data endpoint return values.

# Data Mapping

ON THIS PAGE
Scopes
Consent form
Data retrieval (OAuth2)
Personal (Business only)
Notes
Unique_ID (system scope)
Data Mapping