Revoke a single user's marketing consent. Records an admin-initiated entry in the consent
audit log and an entry in the backend Actions log, attributed to the API token's admin.
Use when acting on a GDPR opt-out request received outside the app.
Idempotent: calling on a user who is already opted out returns 202, refreshes the
'receive news and promotions' updated-at timestamp, and records a new entry in the
Actions log. The consent audit log only gains entries for consents whose state actually
changes.
Partner-scoped tokens: when a partner-scoped token targets a user outside the partner's
visibility, the response is 403 (consistent with other user-action endpoints) — the
user-edit ability is denied because the token's admin cannot act on the target user.
| Time | Status | User Agent | |
|---|---|---|---|
Retrieving recent requests… | |||
202Action accepted