Core Concepts
Project Key
Every site has a unique project key (e.g., cl_live_abc123). This key identifies your site in the banner script tag and SDK. It is safe to include in client-side code.
Cookie Categories
ConsentLayer organizes cookies into categories. Every site starts with three default categories:
| Category | Slug | Required | Description |
|---|---|---|---|
| Essential | essential | Yes | Cookies required for the site to function |
| Statistics | statistics | No | Analytics and performance tracking |
| Marketing | marketing | No | Advertising and retargeting |
You can create additional categories via the dashboard or API. Users give or withhold consent per category.
Consent State
When a visitor interacts with the banner, ConsentLayer stores their consent in a cl_consent cookie:
{
"v": 1,
"ts": 1700000000000,
"jur": "EU",
"cat": { "essential": true, "statistics": false, "marketing": false },
"gpc": false,
"dns": false
}The SDK reads this cookie to provide hasConsent(), getConsentState(), and reactive React hooks.
Services
Services represent third-party tracking tools (Google Analytics, Facebook Pixel, etc.). Each service belongs to a category and has associated cookies. The scanner detects services automatically.
Jurisdictions
ConsentLayer supports GDPR (opt-in) and CCPA (opt-out) compliance. Geo-detection determines which rules apply to each visitor. The banner behavior adapts accordingly.
Script Blocking
The banner automatically blocks tracking scripts until consent is given. It intercepts script tag creation via DOM proxies and holds execution until the relevant category is consented.