# Business

Business includes Basic and Economy features and adds:

extended scopes (personal data only after consent)
email domain whitelist and IP whitelist
advanced settings in DocCheck Access

# Benefits

Extended scopes including personal data (after consent)
Configurable consent form per login client
Access control via email domain and IP whitelist
Secure data retrieval via OAuth2 user data endpoint
Insights via extended statistics

# Description

Business is designed for operators with advanced security, data, and organizational requirements. Using scopes, you define which (possibly personal) data is provided after user consent. The consent form makes requests transparent (privacy policy URL required, optional additional note). Data retrieval is controlled via the OAuth2-based user data endpoint. You can also restrict access by email domains and IP addresses.

# Features

OAuth2
- Client secret per login client in DocCheck Access (opens new window)
- Endpoints and flow: see OAuth2 service
Personal (data flow after consent):
- Personal data for CRM/process integration (per consent)
- Consent form: privacy policy URL required, optional note
- Scopes (extended), e.g., unique_id, name (first/last), profession, discipline, email, address, country, language (select in the button configurator)
- Mandatory scopes: cannot be deselected in consent; users still consent/decline as a whole
- Retrieval via User data endpoint
- Return values: Overview
Email domain whitelist (access control for employee domains in DocCheck Access)
IP whitelist (access control via source IP in DocCheck Access)
Deeplinks in DocCheck Access
Statistics:
- Authorizations (logins): success, denied
- Consents: full, partial, withdrawn
- Logins by profession

Notes

Personal data is provided only after explicit user consent and when the corresponding scopes are selected.
Manage and verify scopes/consent, email domains, and IPs in DocCheck Access.

← Economy
/licenses/economy-license.html Personal, scopes & consent →
/features/personal.html