Didomi Consent String (DCS) & Signature
The Didomi Consent String (DCS) didomi_dcs has replaced the deprecated didomi_token as the mechanism used to store end-user consent. Click here for more information on migrating your consent notices so that use the Didomi Consent String.
The Didomi Consent String (DCS) is a compact and modern consent string format that is designed to offer full flexibility in representing an end-user's privacy choices. It is fully supported on both web and mobile platforms includes all of Didomi SDKs for websites, iOS, and Android applications. In this article, we will cover the following:
Didomi Consent String (DCS) overview
The Didomi Consent String (DCS) is a foundational component of privacy infrastructure that is highly performant and enables legal compliance. It exceeds the scope of traditional solutions by enabling organizations to encode and store all types of consent data in a single binary string.
Inspired by the Interactive Advertising Bureau's (IAB) TC String, an industry standard for Transparency and Consent Framework (TCF) vendors, the DCS allows your organization to not only support TCF vendors and purposes but also custom vendors and purposes, Authorized Technology Providers (ATPs), etc... in a single, lightweight, and privacy-compliant format. Some benefits of utilizing the DCS include:
Compact size
Uses a binary format instead of JSON, reducing the overall cookie size to stay well below 2 KB.
Performance boost
Lighter payloads improve page speed and SEO rankings.
Easier to parse
No need to decode complex JSON strings client-side.
Click here to review Didomi developer documentation regarding the Didomi Consent String (DCS).
didomi_dcs
didomi_dcs The Didomi Consent String (DCS) is stored in didomi_dcs and replaces the deprecated didomi_token which was typically stored in a browser's cookies or local storage. Like its predecessor didomi_dcs can be:
Stored in cookies or local storage.
Read by Didomi SDKs, APIs, and third-party integrations.
Read by Didomi SDKs, APIs, and third-party integrations.
Used to determine whether consent or legitimate interest applies to specific data processing activities.
Note: Consent notices created after June 17th, 2025 will have the Didomi Consent String (DCS) enabled by default (i.e. didomi_dcs will be utilized to store end-user consent). Previously created message will need to migrate to the Didomi Consent String (DCS) no later than June 2026. After this date, Didomi will enforce the Didomi Consent String (DCS) on all consent notices and full deprecate support for the didomi_token format. Click here to learn more about migrating to the DCS.
Didomi Consent String (DCS) encoding
The Didomi Consent String (DCS) utilizes a binary format that is designed to be efficient and flexible. It supports three encoding mechanisms:
BitField
Ideal for compactly encoding consecutive or closely packed IDs
Range
Efficient when encoding groups of IDs with gaps
Fibonacci
Optimized for compressing large sets of continuous or patterned ID ranges
Each section within the DCS (e.g., purposes or vendors) may use a different encoding mechanism, depending on the nature and distribution of the IDs. The encoding is automatically selected by the Didomi DCS library to generate the smallest and most efficient string possible.
Data within the DCS include the following:
Header metadata
Version, creation date, last update date, user ID, and sync status.
Purposes consent
End-user choices for processing their personal data for specific purposes that utilize consent as a legal basis.
Purposes legitimate interest
End-user choices for processing their data for specific purposes that utilize legitimate interest as a legal basis.
Vendors consent
End-user choices for allowing specific vendors to process data that utilize consent as a legal basis.
Vendors legitimate interest
End-user choices for allowing specific vendors to process data that utilize legitimate interest as a legal basis.
Device ID (DID)
Unique device identifier. (Optional)
Organization User ID (OUID)
User ID provided by the organization that is useful for syncing consent across devices. (Optional)
Signature
A premium feature that adds a cryptographic signature to verify the integrity and authenticity of the consent string. (Optional) Click here for more information.
Didomi Signature
The Didomi Signature is a premium feature for the Didomi Consent String (DCS) and adds a cryptographic seal to the DCS to ensure the authenticity and integrity of the end-user's consent. The signature can help your organization to:
Verify end-user consent data has not been tampered with
Add legal value by proving an end-user's consent is genuine and unchanged
Click here for information on how to enable the Didomi Signature.
The signature is a combination of a key and the signature. Didomi utilizes multiple signing keys (A, B, C...) with a round-robin algorithm and if a key is ever compromised it is disabled and rotated out with no service disruption
Decode Didomi Consent String (DCS)
The Didomi Consent String (DCS) can be decode by using the DCS decoder, which will transform the binary string into a human-readable JSON object.
Click here to review our developer documentation on how to programatically decode the Didomi Consent String (DCS).
Input the end-user's DCS into the provided space and click Decode.
The DCS decoder output will include the following:
Full JSON object containing consent metadata, vendor/purpose selections, and timestamps.
Signature verification status (if the DCS contains a cryptographic signature)
Last updated