Features · every capability in the platform

Every layer of consent. One platform.

From a lightweight loader to a complete consent log, every piece is built to snap together. No glue code. No spreadsheet exports. No “enterprise tier to unlock the basics.”

No credit card required

Install in seconds

GDPR / CCPA / LGPD ready

MCP-native — install from any AI coding agent below

Claude Cursor Codex

The platform

Everything you need to ship compliant consent.

Drop in a script and get a banner, a cookie scanner, geo rules, and a consent log — all wired to the same source of truth, and all drivable by an AI agent.

Script blocking

Blocks tracking scripts until visitors consent — 20+ built-in rules for Google, Meta, TikTok and more, plus custom per-site rules.

Content blocking

Consent-gate embeds and iframes per service, with a click-to-load placeholder until the visitor opts in.

Floating preferences button

A “Manage preferences” button stays after the banner closes — pick a preferences, shield, cookie or custom icon.

Google Consent Mode v2

Granular ad_storage, analytics_storage, ad_user_data and ad_personalization signals mapped from your categories.

Global Privacy Control

The GPC browser signal is detected, honored (configurable) and recorded on the consent record.

Microsoft Clarity consent mode

A built-in toggle drives Clarity in consent mode so heatmaps and recordings respect the visitor’s choice.

Cookie scanner

Crawls your site, detects known services and flags unrecognized scripts into a review queue with suggested categories and scan-to-scan diffs.

Geo consent rules

GDPR, CCPA/CPRA and LGPD templates apply the right behavior by region — or build custom, priority-ordered geolocation groups.

Do Not Sell workflow

Track CCPA/CPRA “Do Not Sell” requests with a status workflow, ready for the opt-out signals regulators expect.

Compliance score

A 0–100 score in the dashboard grades how complete your setup is, so you always know what’s left to configure.

10 banner languages

Banner copy ships translated in 10 languages, with per-string overrides. Language count is plan-gated (1 on Free, 2 on Solo, unlimited above).

JS + React SDK

The @consentlayer/sdk exposes hasConsent(), onConsentChange() and more — plus React useConsent() and <ConsentGate>.

REST API & API keys

A typed REST API (OpenAPI) with create/revoke API keys lets you script sites, scans and banner config from your own tooling.

MCP server for AI agents

Claude Code, Cursor and any MCP client can create the site, run the scanner, configure the banner and return the install snippet — on every plan.

01 / performance

Lightweight by design. Runs before any tracker.

The loader is dependency-free vanilla JavaScript, generated per site and served from a CDN. It loads asynchronously so it never blocks rendering, and it blocks tracking scripts before consent is given — so trackers can’t fire ahead of a decision.

  • Dependency-free vanilla JavaScript — nothing else to install
  • Loads async and never blocks page rendering
  • Blocks tracking scripts before consent is granted
  • CDN-served, per-site bundle tailored to your config
Read the install guide
Install snippet
<!-- 1 · Add to <head> -->
<script async
  src="https://api.consentlayer.com/banner/<projectKey>/banner.js"></script>

<!-- 2 · Optional: react to changes -->
window.consentlayer.onConsentChange((s) => {
  analytics.toggle(s.analytics);
});
Asyncnon-blocking
0 depsvanilla JS
CDNper-site bundle
Scanner review queue 8 m ago
_clarity · clarity.ms · newsuggest: analytics
_ga, _gid · google-analytics.comanalytics · allowed
__tld__ · ads.linkedin.com · newsuggest: marketing
cf_clearance · cloudflare.comnecessary · allowed
__stripe_mid · stripe.comnecessary · allowed

02 / detection

The scanner finds what you missed.

ConsentLayer crawls your site and matches what it finds against the built-in service library. Known services are categorized for you; anything unrecognized lands in a review queue with a suggested category you can accept or change. Every run is compared to the last, so new trackers stand out.

  • Crawls your site and detects known services from the library
  • Unrecognized scripts go to a review queue with suggested categories
  • Scan-to-scan diffs surface what changed since last time
  • Scheduled scans on paid plans · manual scans on Free
Terminal · connect your agent
$ npx -y @consentlayer/mcp setup

 MCP server connected · https://api.consentlayer.com/mcp
Tools available: create_site, scan_site,
  configure_from_scan, get_setup_snippet, list_sites …

03 / agentic

Built for the agentic web.

ConsentLayer ships an MCP server at https://api.consentlayer.com/mcp. Connect it once and an AI coding agent can stand up consent management for you — create the site, run the scanner, configure categories and the banner, and hand back the install snippet.

  • Connect in one command: npx -y @consentlayer/mcp setup
  • 20+ tools: create_site, scan_site, configure_from_scan, get_setup_snippet
  • Works with Claude Code, Cursor and any MCP client
  • Available on every plan, including Free
Set up consent with an AI agent
Consent log · last 24 h
Accept all · DE · GDPR · banner v172 m ago
Reject non-essential · FR · GDPR · banner v1711 m ago
GPC honored · US-CA · CCPA · analytics off26 m ago
Custom choice · BR · LGPD · analytics on1 h ago
Do Not Sell request · US-CA · recorded3 h ago

04 / compliance

Consent log & compliance.

Every decision is recorded — categories, jurisdiction, banner version and a salted IP hash (raw IPs are never stored). Filter by country, decision or date and export the log to CSV. A compliance score tracks how complete your setup is.

  • Records categories, jurisdiction, banner version & salted IP hash
  • Filter and export to CSV in a click
  • Retention by plan: 30 / 365 / 365 / 730 days
  • Do Not Sell tracking, compliance score & a hosted cookie policy page (Agency)

Developer experience

Built for engineers who hate consent tooling.

A script tag or a typed SDK, a REST API you can script, and an MCP server for your agent. Works in your existing stack.

SDK

Script tag or typed SDK

Drop in the script tag, or install @consentlayer/sdk for a typed API. React gets useConsent() and <ConsentGate> out of the box.

  • Script tag
  • @consentlayer/sdk
  • useConsent()
  • <ConsentGate>

API

Typed REST API & keys

An OpenAPI-described REST API lets you manage sites, scans and banner config from your own tooling. Create and revoke API keys from the dashboard.

  • REST API
  • OpenAPI
  • API keys
  • create / revoke

Agents

MCP server for agents

Connect the MCP server and let Claude Code, Cursor or any MCP client create the site, run the scanner and return the install snippet — from your editor.

  • MCP server
  • Claude Code
  • Cursor
  • any MCP client

WordPress

WordPress-friendly embed

The banner is a single async script tag, so it drops cleanly into WordPress — add it with a snippet plugin like WPCode and you’re live.

  • Async script
  • WordPress
  • snippet embed
  • no theme edits

FAQ

Frequently asked — about the product.

Have feature questions? Here are the ones we hear most. For billing or plan questions, see the pricing page.

How much can I customize the banner?

A lot. Choose one of three templates — floating, wide bar, or modal (modal is Solo and up) — from 7 positions, then customize colors, text and logo, with per-button visibility toggles. For deeper control, the JS SDK lets you drive consent state yourself with hasConsent(), onConsentChange() and showPreferences().

How does ConsentLayer block trackers before consent?

The banner runtime intercepts tracking scripts as the page loads — both static tags and dynamically injected ones — and holds them until the visitor consents. It ships 20+ built-in rules for services like Google, Meta and TikTok, plus custom per-site rules, and can consent-gate embeds and iframes too.

What languages does the banner ship with?

10 built-in languages: English, German, French, Spanish, Italian, Dutch, Portuguese, Polish, Swedish and Danish. You can override individual strings per locale. The number of languages you can use is plan-gated — 1 on Free, 2 on Solo, unlimited on Studio and Agency.

Which plans include the API, SDK and MCP server?

All of them, including Free. The typed REST API, the @consentlayer/sdk (JS + React) and the MCP server for AI agents are available on every plan — no upgrade required to build against them.

What gets recorded in the consent log?

Each decision stores the categories chosen, the jurisdiction, the banner version, the user agent and a salted hash of the IP — raw IPs are never stored. You can filter by country, decision or date and export the log to CSV. Retention is 30 days on Free, 365 on Solo and Studio, and 730 on Agency.

Can an AI agent set ConsentLayer up for me?

Yes. Run npx -y @consentlayer/mcp setup to connect the MCP server, then an agent like Claude Code or Cursor can create the site, run the scanner, configure your categories and banner, and return the install snippet — effectively adding consent management from your editor with one prompt.

How does region detection work without storing IPs?

ConsentLayer reads the visitor’s country from a CDN request header, including EU/EEA and UK detection. No raw IP is stored client-side and there’s no third-party geo provider. Built-in templates cover GDPR (opt-in), CCPA/CPRA (opt-out + GPC) and LGPD (opt-in), and you can add custom geolocation groups on paid plans.

Ship Consent. For Every Visitor. It’s That Simple.

Join the engineering teams using ConsentLayer to gate scripts, audit decisions, and stay compliant — across humans, agents, and every region.

Free tier

No credit card required

Install in seconds

GDPR / CCPA / LGPD ready