I am a bit puzzled by the API documentation about consents, especially this paragraph;
During an interaction, the
consentToken provided to your skill might not contain sufficient permissions for your skill to fulfill the request. For example, perhaps the customer did not consent to any permissions during enablement (voice enablement), or a skill may have been updated with new required permissions that were not present in previous versions. In those cases, your skill can display a special permissions card to ask customers for consent dynamically.
I know i have to set the required 'permissions' on skill configuration level, but inside my skill i don't see a way of verifying the 'scopes' inside the given consentToken.
To give an example; what if i require the following scopes/permissions in my skill:
If my experience is correct, a customer can enable some of them, but not all. In this case i would get a consent token, but i would not know if the customer has enabled 'the right' consents for the specific intent, right?
There is an API to verify a consentToken, but is there also an API to verify if a consent token contains a specific scope? Is it even possible to ask for scopes limited to a single intent e.g. ask for 'one more', or do i (when i return a AskForPermissionsConsent card) have to specify ALL scopes my skill needs?