> ## Documentation Index
> Fetch the complete documentation index at: https://docs.chamelio.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Check Clickwrap Status

> Check whether a user has accepted the active version of a clickwrap

## Endpoint

```
POST /server/clickwrap/{slug}/status
```

## Authentication

This endpoint requires authentication via API key. Include your API key in the `X-API-Key` header:

```bash theme={null}
X-API-Key: ca_your_api_key_here
```

## Path Parameters

| Parameter | Type   | Required | Description                         |
| --------- | ------ | -------- | ----------------------------------- |
| `slug`    | string | Yes      | Unique identifier for the clickwrap |

## Request Body

| Field             | Type   | Required | Description                                                                    |
| ----------------- | ------ | -------- | ------------------------------------------------------------------------------ |
| `user_identifier` | string | Yes      | The identifier used when capturing the user's acceptance (e.g. email, user ID) |

## Request Example

<CodeGroup>
  ```bash cURL theme={null}
  curl -X POST "https://platform.chamelio.ai/server/clickwrap/privacy-policy/status" \
    -H "X-API-Key: ca_your_api_key_here" \
    -H "Content-Type: application/json" \
    -d '{"user_identifier": "user@example.com"}'
  ```

  ```python Python theme={null}
  import requests

  slug = "privacy-policy"

  url = f"https://platform.chamelio.ai/server/clickwrap/{slug}/status"
  headers = {
      "X-API-Key": "ca_your_api_key_here",
      "Content-Type": "application/json"
  }
  body = {
      "user_identifier": "user@example.com"
  }

  response = requests.post(url, headers=headers, json=body)
  print(response.json())
  ```

  ```javascript JavaScript theme={null}
  const slug = "privacy-policy";

  const response = await fetch(
    `https://platform.chamelio.ai/server/clickwrap/${slug}/status`,
    {
      method: 'POST',
      headers: {
        'X-API-Key': 'ca_your_api_key_here',
        'Content-Type': 'application/json'
      },
      body: JSON.stringify({
        user_identifier: 'user@example.com'
      })
    }
  );

  const data = await response.json();
  console.log(data);
  ```
</CodeGroup>

## Response

### Success Response

**Status Code:** `200 OK`

```json theme={null}
{
  "accepted": true,
  "clickwrap_version_id": 42,
  "version_number": 3
}
```

### Response Fields

| Field                  | Type    | Description                                                  |
| ---------------------- | ------- | ------------------------------------------------------------ |
| `accepted`             | boolean | Whether the user has accepted the **current active** version |
| `clickwrap_version_id` | integer | Internal identifier of the active version checked against    |
| `version_number`       | integer | Sequential version number of the active version              |

## Error Responses

### 401 Unauthorized

Returned when authentication fails. See the [authentication errors](/api-reference/introduction#authentication-errors) section for details.

```json theme={null}
{
  "detail": "Invalid API key"
}
```

### 404 Not Found

Returned when no active clickwrap exists for the given slug.

```json theme={null}
{
  "detail": "Clickwrap 'privacy-policy' not found"
}
```

### 500 Internal Server Error

Returned when the request fails due to a server error.

```json theme={null}
{
  "detail": "Internal server error"
}
```

## Notes

<Info>
  `accepted: true` means the user has accepted the **currently active** version specifically. If the clickwrap was updated since the user last accepted, `accepted` will be `false` even though the user accepted a previous version.
</Info>

<Tip>
  Use the `version_number` in the response to detect when a user accepted an older version and needs to re-accept the latest terms.
</Tip>

## Use Cases

This endpoint is useful for:

* **Access gating** - Block a user from proceeding until they have accepted the current terms
* **Re-consent checks** - Determine on login or feature access whether the user's acceptance is still current
* **Audit queries** - Programmatically verify acceptance status before performing a regulated action
