Consent web token implementation for node.js and the browser


stars 🌟issues ⚠️updated 🛠created 🐣size 🏋️‍♀️
20May 24, 2018Feb 24, 2018Minified + gzip package size for @didomi/consentwebtoken in KB



Build Status Coverage Status

An implementation of the Consent web token specification.

A consent web token is a JWT that has standardized consent claims and that can be used to represent user consent for data privacy regulations like GDPR or ePrivacy.

This library provides easy-to-use functions to:

  • Manage user consent (add, check and remove user consent from a token)
  • Encode/decode a token
  • Sign a token
const { CWT, Purposes } = require('@didomi/consentwebtoken');

// Create a consent web token for a user
const token = new CWT({
  issuer: 'didomi',
  user_id: 'user@domain.com',
  user_id_type: 'email',

// Add a few consents
token.setConsentStatus(true, Purposes.Cookies, 'didomi');
token.setConsentStatus(true, Purposes.Cookies, 'liveramp');

// Check what the consent status of a given purpose
token.getConsentStatus(Purposes.Cookies, 'didomi');

// Encode the token for storage

Table of Contents


npm install --save @didomi/consentwebtoken

The package has no peer dependency.


The API documentation is available here: https://didomi.github.io/cwt-node/class/src/token.js~CWT.html

A Consent Web Token is a very simple data structure. Example:

    user_id: 'user@email.com',
    user_id_type: 'email',
    consents: [
            purpose: 'cookies',
            vendors: [
                  id: '*',
                  status: true
                  id: 'didomi',
                  status: true
                  id: 'other-vendor',
                  status: false




Logo of Didomi

cwt-node is developed and maintained by Didomi, an end-to-end solution for managing data privacy and user consent.

If you find any bugs or have a feature request, please open an issue on github!

The npm package download data comes from npm's download counts api and package details come from npms.io.