COOKiES Consent Management

Name: COOKiES Consent Management
Author: jfeltkamp

User consent management module for Drupal that enables GDPR-compliant cookie handling and third-party service integration with a fully configurable, translatable user interface.

cookies

11,451 sites

drupal.org

gui api integration

gdpr cookie consent privacy compliance third-party integration user consent cookie banner data protection

Drupal 9 Drupal 10 Drupal 11

Install

Drupal 11, 10, 9 v1.2.16

composer require 'drupal/cookies:^1.2'

Overview

COOKiES is a comprehensive user consent management solution for Drupal sites that need to comply with GDPR and similar privacy regulations. The module enables existing third-party integration modules to continue being used while ensuring users must agree to the use of cookies before they are installed.

Built on the cookiesJSR JavaScript library, COOKiES provides a fully responsive, translatable cookie consent banner with granular control over service categories (tracking, marketing, social, functional, video, performance). Site administrators can configure individual services with detailed processor information, privacy policy links, and custom placeholder texts that appear when content is blocked.

The module automatically generates GDPR-compliant documentation listing all configured services and their data processing details. This documentation can be displayed as a dedicated page, embedded via a block, or inserted using the [cookies:docs] token. For authenticated users, consent preferences can be stored in the database and restored across different browsers and sessions.

Important: No liability is assumed regarding compliance with the GDPR. Site administrators are responsible for ensuring proper configuration and legal compliance.

Features

Fully responsive cookie consent banner with Accept All, Deny All, and granular Settings options
Complete translation support for all UI text through Drupal's configuration translation system
Group-level or individual service consent management with configurable service groups (Tracking, Marketing, Social, Functional, Video, Performance)
Auto-generated GDPR-compliant documentation showing processor details, privacy policies, and cookie information
Persistent consent storage for authenticated users across browsers and sessions
Two-click solution for external content (iframes, embeds, videos) via the cookies_filter submodule
Customizable CSS styling via CSS variables or complete stylesheet replacement
Token support ([cookies:docs]) for embedding cookie documentation in content
JavaScript library loading from CDN or local installation
Scroll-triggered banner display option for improved page speed
Configurable cookie settings including name, expiration, domain, secure flag, and SameSite attribute
Dynamic menu link in Tools menu for opening cookie settings dialog

Use Cases

Basic GDPR Cookie Consent

Install COOKiES and place the Cookies UI block in your theme. Configure service groups and services matching your site's third-party integrations. Add links to privacy policy and imprint pages. Users see consent banner on first visit and can adjust preferences anytime via the settings dialog.

Google Tag Manager Integration

Enable cookies_gtag submodule alongside google_tag module. A 'gtag' service is automatically created. GTM scripts won't load until user accepts tracking cookies. Configure processor details with Google LLC information for documentation.

Video Embedding with Consent

Enable cookies_video submodule. Video media embeds (YouTube, Vimeo) display a placeholder with consent button instead of loading immediately. User can accept video cookies specifically or accept all cookies.

Custom Third-Party Service Integration

Create a new COOKiES service entity for your custom integration. In your module, use the cookies.knock_out service to check if blocking is needed. Listen for cookiesjsrUserConsent JavaScript events to initialize your service when consent is given. Use the cookiesOverlay() jQuery plugin to display placeholders.

Multilingual Cookie Consent

All COOKiES texts are translatable via Drupal's configuration translation. Go to /admin/config/system/cookies/texts/translate to add translations for each language. Service documentation and group descriptions also support translation.

Group-Level Consent for Simplified UI

Enable 'Group consent' in COOKiES configuration. Users see only service groups (Tracking, Marketing, etc.) without individual service toggles. Combine with 'Display cookie documentation links' to provide detailed service information on a separate page.

Authenticated User Consent Persistence

Enable 'Store consent for authenticated users' in callback options. Logged-in users' preferences are saved to the database. When they log in on a different browser, their consent preferences are automatically restored.

Two-Click Solution for Text Content

Enable cookies_filter submodule. Add the COOKiES Filter to a text format. Content with iframes, embeds, or external images shows a consent placeholder. Users must click to accept cookies before external content loads.

Tips

Use CSS variables to customize the cookie banner appearance without completely replacing the stylesheet. See the cookiesJSR documentation for available variables.
The [cookies:docs] token can be used in content to embed cookie documentation anywhere, such as on your privacy policy page.
Set scroll limit to a value >= 1 to defer library loading and improve page speed scores.
For GDPR compliance in Italy, enable 'Deny all services on Layer close' to treat the X button as a deny action.
When creating custom service integrations, use consistent machine names between your service entity and JavaScript service key.
Add processor company details (privacy policy URL, contact) to provide comprehensive GDPR documentation automatically.
Use group consent mode with documentation links when you have many services to simplify the user interface.

Dependencies

Configuration Translation Core Required

Block Core Required

Related Projects

cookiesJSR JavaScript Library

Core dependency providing the responsive cookie consent UI. Can be loaded from CDN (jsdelivr) or installed locally in /libraries/cookiesjsr/. Version 2.x required for current COOKiES module.

Google Tag Manager (google_tag)

Via cookies_gtag submodule. GTM scripts are blocked until appropriate consent is given.

Google Analytics (google_analytics)

Via cookies_ga submodule (deprecated). Use cookies_gtag instead.

Matomo (matomo)

Via cookies_matomo submodule. Matomo tracking blocked until consent.

reCAPTCHA (recaptcha)

Via cookies_recaptcha submodule. Google reCAPTCHA blocked until consent.

Asset Injector (asset_injector)

Via cookies_asset_injector submodule. Injected assets can be associated with services.

Media Entity Instagram (media_entity_instagram)

Via cookies_instagram submodule. Instagram embeds blocked until consent.

Media Entity Twitter (media_entity_twitter)

Via cookies_twitter_media submodule. Twitter embeds blocked until consent.

Core Media (drupal:media)

Via cookies_video submodule. Video embeds blocked until consent.

Technical Details

COOKiES /admin/config/system/cookies

Overview page providing access to all COOKiES configuration sections including base configuration, widget texts, service groups, and individual services.

COOKiES Configuration /admin/config/system/cookies/config

Configure the core settings for the COOKiES consent management system including cookie properties, banner behavior, settings dialog options, JavaScript library settings, styling, and callback options.

COOKiES Widget Texts /admin/config/system/cookies/texts

Configure all translatable text labels, messages, and links displayed in the cookie consent UI. All texts support Drupal's configuration translation system for multilingual sites.

COOKiES Service Group Entities /admin/config/system/cookies/cookies-service-group

Manage service groups that organize individual cookie services into categories (e.g., Tracking, Marketing, Social). Groups are displayed as tabs in the settings dialog and organize the cookie documentation.

COOKiES Service Entities /admin/config/system/cookies/cookies-service

Manage individual cookie services representing third-party integrations that require user consent. Each service belongs to a group and can have detailed processor information, custom placeholder texts, and documentation.

Cookie Documentation /cookies/documentation

Public-facing page displaying comprehensive documentation of all configured cookie services, organized by group. Shows processor details, privacy policy links, and service descriptions as required by GDPR.

Configure cookies widget texts

Allows configuring the translatable text labels displayed in the COOKiES consent widget.

Configure COOKiES base configuration

Allows configuring core COOKiES settings including cookie properties, banner behavior, and library options.

Administer COOKiES service groups

Allows creating, editing, and deleting COOKiES services and service groups.

hook_cookies_user_consent

Invoked when a user changes their cookie consent preferences. Use this hook to perform backend operations based on consent changes while maintaining site cacheability.

Cookie banner not appearing

Ensure the 'Cookies UI' block is placed in your theme's block layout and is visible (check block visibility settings). Verify the block is assigned to the correct theme. Check browser console for JavaScript errors.

Library loading error - still loads from CDN despite local setting

When 'Load Cookies JSR from CDN' is disabled, the library must be installed at /libraries/cookiesjsr/dist/cookiesjsr.min.js. Download from https://github.com/jfeltkamp/cookiesjsr and place in the correct location.

Services not blocking content

Verify the service entity has 'Consent required' enabled. Check that your integration code uses the cookies.knock_out service to determine blocking. Ensure the COOKiES UI block is accessible on the pages where blocking should occur.

Translation not working for cookie texts

COOKiES uses configuration translation. Navigate to /admin/config/system/cookies/texts and click 'Translate' to add translations for each language. Clear caches after adding translations.

Settings dialog not opening via menu link

Ensure your menu link uses the correct hash format: #editCookieSettings (or your configured value). The COOKiES UI block must be present on the page for the dialog to open.

Authenticated user consent not persisting

Enable 'Store consent for authenticated users' in /admin/config/system/cookies/config under Callback options. This stores consent in key-value storage and restores it on login.

No liability is assumed regarding GDPR compliance. Site administrators are responsible for proper configuration and legal compliance.
Configure the cookie SameSite attribute appropriately: 'Strict' provides the most security but may affect cross-site functionality.
Enable 'Secure mode' (HTTPS only) for production sites to prevent cookie transmission over unencrypted connections.
The cookie storing consent preferences contains no personally identifiable information - only service acceptance flags.
When storing authenticated user consent, preferences are tied to user ID and stored in Drupal's key-value storage.