Get Cookie Policy
Public cookie policy. Returns the 4 cookie categories (essential / functional / analytics / marketing) with localized name and description.
GET /api/v1/consent/cookies/policy — 🌐 Public
Returns the cookie consent policy — the 4 cookie categories with their localized name/description and the required flag (only essential is required). The catalog is currently hardcoded server-side (COOKIE_CATEGORIES constant in the controller); admin configurability would require a CMS-managed migration.
Localization is hardcoded to en + tr. The name and description fields are fixed objects with en and tr keys; no other locales are returned. To add a locale, the server-side constant needs to be expanded — the API contract supports adding more keys to the same object shape, but the response will still be a single object containing every supported locale (clients pick the locale they need).
required: true for essential cookies. Render the essential category as non-toggleable in the consent banner — the user can't opt out. The POST /consent/cookies body only accepts analytics, marketing, functional flags; the essential set is always on.
Request
No body, no params, no headers required.
Response
200 OK — ApiResponseOf<CookiePolicyDto>
{
"success": true,
"data": {
"categories": [
{
"id": "essential",
"required": true,
"name": { "en": "Essential", "tr": "Zorunlu" },
"description": { "en": "Required for the site to function", "tr": "Sitenin çalışması için gerekli" }
},
{
"id": "functional",
"required": false,
"name": { "en": "Functional", "tr": "İşlevsel" },
"description": { "en": "Enhanced functionality", "tr": "Gelişmiş işlevsellik" }
},
{
"id": "analytics",
"required": false,
"name": { "en": "Analytics", "tr": "Analitik" },
"description": { "en": "Anonymous usage statistics", "tr": "Anonim kullanım istatistikleri" }
},
{
"id": "marketing",
"required": false,
"name": { "en": "Marketing", "tr": "Pazarlama" },
"description": { "en": "Personalized content", "tr": "Kişiselleştirilmiş içerik" }
}
]
}
}Item fields
| Field | Type | Notes |
|---|---|---|
id | string | Stable identifier — essential / functional / analytics / marketing |
required | boolean | true only for essential. Render non-toggleable in the banner. |
name.en / name.tr | string | Localized display name |
description.en / description.tr | string | Localized short description |
Errors
This endpoint has no documented errors — no throttle, no kill switch. Always 200.
Side effects
- Return the hardcoded
COOKIE_CATEGORIESconstant array. No DB read, no mutations, no per-user state.
Code samples
curl https://api.bio.re/api/v1/consent/cookies/policytype LocalizedText = {
en: string;
tr: string;
};
type CookieCategory = {
id: 'essential' | 'functional' | 'analytics' | 'marketing';
required: boolean;
name: LocalizedText;
description: LocalizedText;
};
type CookiePolicy = {
categories: CookieCategory[];
};
async function getCookiePolicy(): Promise<CookiePolicy> {
const res = await fetch('https://api.bio.re/api/v1/consent/cookies/policy');
const json = await res.json();
if (!res.ok || !json.success) {
throw Object.assign(new Error(json?.error?.message ?? 'Cookie policy fetch failed'), {
code: json?.error?.code,
});
}
return json.data;
}import { useQuery } from '@tanstack/react-query';
export const consentKeys = {
cookiePolicy: () => ['consent', 'cookies', 'policy'] as const,
};
export function useCookiePolicy() {
return useQuery({
queryKey: consentKeys.cookiePolicy(),
queryFn: async () => {
const res = await fetch('/api/v1/consent/cookies/policy');
const json = await res.json();
if (!res.ok || !json.success) {
throw Object.assign(new Error(json?.error?.message ?? 'Cookie policy fetch failed'), {
code: json?.error?.code,
i18nKey: json?.error?.i18nKey,
});
}
return json.data as CookiePolicy;
},
// Hardcoded constant — cache aggressively
staleTime: Infinity,
gcTime: 24 * 60 * 60_000,
});
}Try it
Response Body
application/json
curl -X GET "https://loading/api/v1/consent/cookies/policy"{
"success": true,
"data": {
"categories": [
{
"id": "essential",
"required": true,
"name": {
"en": "Essential",
"tr": "Zorunlu"
},
"description": {
"en": "Essential",
"tr": "Zorunlu"
}
}
]
}
}Source
| Source | Path | Lines |
|---|---|---|
| Controller | apps/api-core/src/modules/content/cookie-consent.controller.ts | 50–56 (getPolicy), 22–43 (COOKIE_CATEGORIES hardcoded constant) |
| DTO (response) | apps/api-core/src/modules/content/dto/content-public-response.dto.ts | 346–349 (CookiePolicyDto), 329–341 (CookieCategoryDto), 318–324 (CookieCategoryNameDto) |
Submit Contact Form
Public contact form submission. Captcha-gated (active provider, admin-managed). Captures user-agent + IP server-side. Stores in ContactMessage and fires fire-and-forget admin notification. Hard 3/hour throttle.
Get Cookie Consent Status
Public endpoint that works for both anonymous and authenticated users. Returns the current policy version, the user's last-saved version (null for anonymous), and a flag telling the UI whether to re-show the consent banner.