The next step is to set up permissions for those features of your app that require parental consent. For example, your app might need permission to send a welcome magazine to a kid, or to collect the kid’s email address.
This step includes defining some text (or ‘copy’) to describe each permission and why it is required. This copy is displayed to the parent and the user.
Define your app’s permissions and copy
You cannot set up permissions and copy yourself. Instead, contact your Implementation Manager who will help you to define what permissions you need and build them into your user experience.
For each permission, you need to provide the following information:
- A title for the permission; for example ‘Welcome Magazine’. Maximum 20 characters.
- A description of the permission that is displayed to the parent in the Parent Portal and in emails to the parent. Maximum 255 characters.
- A description of the permission that is displayed to the user in the SSO view during the sign-up process. Maximum 255 characters.
This example shows how the titles and descriptions for 2 permissions are displayed to the parent in the Parent Portal:
View permissions in the Control Panel
Once your Implementation Manager applies your permissions and copy, you can view them in your KWS Control Panel. To do this, select the required app, and then click Settings > Permissions:
The List of permissions displays the following information about each permission:
|Code||The permission code which can be used in API endpoints. See API endpoint for permissions, below.|
|Name||The name of the permission. This is displayed to parents and users.|
|Dependencies||The name of a permission that must be granted before this permission can be granted. |
For example, assume your app has 2 permissions: ‘Email’ and a weekly ‘Newsletter’. Your newsletter is delivered via email, so you need to know the child’s email address before you can send the newsletter.
In this case, the ‘Newsletter’ permission would have Dependencies set to ‘Email’.
|Type||This is the type of parental consent required for this permission.|
– Opt-in (Email Plus) means the parent has to explicitly grant the permission before the kid has access to the feature.
– Opt-out means the parent is simply notified that their kid is using the feature. The parent has to explicitly revoke permission (opt out) at any point if they don’t want their kid to do this.
For more information about opt-in and opt-out consent, see Types of parental consent.
|Prerequisite||Required / Optional|
If ‘Required’, the permission is a precondition to the service and cannot be revoked.
|Parental verification||Required / Not required|
If ‘Required’, the permission is granted only if the parent has been verified as being an adult.
For more information, see Parental consent and verification.
|Creation date||The date the permission code was created in KWS.|
|Parent description||The description of the permission that the parent sees in the Parent Portal.|
|Child description||The description of the permission that the user sees in the SSO view.|
Contact your Implementation Manager if you wish to provide permissions and/or copy in multiple languages. When they have uploaded the localised permissions and copy for you, you can view them in the Permissions tab by selecting the language from the dropdown menu on the right-hand side:
API endpoint for permissions
You can use permission codes within the POST /v2/apps/:appId/users/review-permissions endpoint. This endpoint sends an email to the parent with an authenticated link to the Parent Portal. When the parent clicks on the link, they are automatically logged into the Parent Portal where they can review their child’s permissions.
Trigger a webhook when permissions change
You can create a webhook to notify your application backend with an HTTP call when a user’s permissions change. To do this, follow the instructions in Set up webhooks and set the Webhook action to ‘User permission changed’.