Consent Management
Configure consent requirements per forwarding rule so events are only delivered to a destination when the user has granted the required consent.
Scope: consent is enforced per forwarding rule in Zeotap. There is no workspace-wide consent setting — every destination defines its own required categories at setup time. Events are still captured in the event warehouse regardless of consent state, so you keep an auditable record of what was received.
Overview
When an event reaches the forwarding pipeline, Zeotap inspects the consent payload attached to the event and matches it against the categories required by each rule. If a required category is missing or denied, the event is dropped for that rule (it can still be forwarded to other rules whose requirements are met).
Consent Categories
The following categories are available and map to typical privacy-policy buckets:
| Category | Description | Example Use |
|---|---|---|
analytics | Product analytics and usage tracking | Mixpanel, Amplitude |
marketing | Email marketing and campaign tracking | Braze, Klaviyo |
advertising | Ad targeting and retargeting | Google Ads, Facebook |
functional | Essential product functionality | Error tracking |
Configuration
Configure consent for each forwarding rule independently:
- Open the destination in Event Forwarding and create or edit a forwarding rule.
- Proceed to Step 4 — Consent & Mapping.
- Select the consent categories required for delivery to this destination. The event must have consent for all selected categories.
- Save the rule.
Repeat for every destination — each forwarding rule has its own consent requirements.
Setting User Consent
Send consent state on each event in context.consent. Boolean fields per category are evaluated directly:
{
"type": "track",
"event": "page_viewed",
"userId": "user_123",
"context": {
"consent": {
"analytics": true,
"marketing": true,
"advertising": false
}
}
}Alternatively, supply an IAB TCF v2 consent string and Zeotap will derive each category from the standard purpose IDs:
{
"context": {
"consent": {
"tcfString": "CPxxxxx..."
}
}
}How Filtering Works
When an event is received:
- The event’s
context.consentpayload is parsed (booleans first, then TCF v2 fallback). - For every forwarding rule, every required category must resolve to “granted”.
- Rules with all requirements met deliver the event; rules with any unmet requirement skip it.
- The event is still written to the event warehouse regardless of consent decisions.
API Reference
See Events API for the event-forwarding rule endpoints.