There are many ways to get started with Data Standards CX Open Source Assets. It all depends on your team’s needs and whether you are a developer or a designer (or somewhere in between).
About CX Open Source Assets
The Data Standards CX Open Source Assets contain wireframes that demonstrate optional examples for how to put key CDR requirements into effect. These wireframes reflect CX guidelines published elsewhere on this website, and were informed by research, CDR agency collaboration, community consultation, and best practice.
Open Source Assets are version controlled and have been internally and externally reviewed for accessibility compliance. Assets are partially conformant to Web Content Accessibility Guidelines (WCAG) 2.1 level AA.
All our assets build on the GOLD Design System; component rationale, accessibility support, and code documentation are available on the GOLD Design System website.
The CX Guidelines provide optional examples of CDR key requirements and recommendations to help organisations build best practice consent models.
Wireframe designs do not necessarily prescribe how to put key requirements into effect, but the rules require CDR participants to have regard to the CX guidelines (see rules 4.10(1)(a)(ii) and 4.22(b)). Aligning with these guidelines is recommended to support a consistent and familiar CDR ecosystem that consumers can trust.
CDR Participants should also refer to the CDR Rules, data standards, and privacy guidelines for a complete view of obligations to facilitate compliance.
Design assets
Open source design assets contain wireframes and working prototypes that reflect various parts of the Consent Model.
Figma is used for wireframe creation and interactive prototyping.
Figma files are available for download at the end of this page as well as on individual CX Guideline pages. Each file includes documentation layers that can provide more information and detailed design specifications for the build process. This includes:
- Wireframes with annotated rules, standards, and/or guidelines
- Focus order notes for ‘default example’. To help with WCAG Success Criterion, focus order notes highlight:
- the intended navigation sequence of content when operated from the keyboard (2.4.3: Focus Order)
- instances where link text is programatically determined to help users understand the purpose of each link (2.4.4: Link Purpose (In Context))
- instances where a text alternative should be provided for non-text content (1.1.1: Non Text Content)
- Working prototype with limited interactions and screens for simplicity
![Layers tab of left sidebar in Figma showing:
[1] the section in ‘All pages’ for clickable prototypes;
[2] the section in individual pages for ‘focus order notes’; and
[3] the section in individual pages for annotated rules, standards, and/or guidelines.](https://images.spr.so/cdn-cgi/imagedelivery/j42No7y-dcokJuNgXeA0ig/14032330-a080-43a0-9ed7-110238ee5edb/figma/w=1920,quality=90,fit=scale-down)
- Prerequisites: Sign up and create a free Figma Starter account.
- The open source asset files use the default system font for OSX, San Francisco. San Francisco is not usable in Figma by default, to use the typeface in Figma you have to download and install San Francisco.
- Download files from individual CX Guideline pages and open in Figma.
Coded assets
Open source coded assets contain the coded prototype that reflect the Consent Flow, showing the “happy path” for Consent, Authenticate and Authorise.
Storybook is used to build User Interface (UI) components to develop and update a library of components. Each UI component is built and tested to align with CX standards and accessibility criteria of the Consent Flow.
The coded prototype is a Proof Of Concept (POC) using a Single Page Application with React JS.
- It was built for mobile experiences and dimensions.
- It reflects v1.16.1 of The Consent Flow.
- It excludes connections to API’s and most external links.
Preview the CX Consent Flow POC on GitHub.
Prerequisites: Download and install Node.js
- Download and unzip the prototype code:
- In the project directory,
- Run
npm installcommand to install all dependencies. - Run
npm startcommand to run the app in the development mode. Open http://localhost:3000 to view it in your browser. The page will reload when you make changes. You may also see any lint errors in the console.
Item | File | Date released | Version introduced |
|---|---|---|---|
Aug 25, 2022 | 1.16.1 |
To view the storybook, run npm run storybook command to view all UI components used in this project outside the application in an isolated environment. Open http://localhost:6006 to view all stories in your browser.
To test all components, run npm test command to launch the test runner in the interactive watch mode.
Download Open Source Assets
This is a consolidated list of all latest version open source assets across the Consent Model. For additional information on the Consent Model, see the individual CX Guidelines pages in Consent, Authenticate, Authorise and Consent Management.
Item | File | Preview | Link | Date released | Version introduced |
|---|---|---|---|---|---|
Consent: Collection and use consents | Mar 18, 2026 | 1.36.0 | |||
Consent: Pre-consent | Sep 16, 2025 | 1.35.0 | |||
Mar 18, 2026 | 1.36.0 | ||||
Consent: Amending consents | Sep 22, 2025 | 1.35.0 | |||
Consent: Trusted Adviser disclosure consents | Mar 18, 2026 | 1.36.0 | |||
Consent: Insight disclosure consents | Mar 18, 2026 | 1.36.0 | |||
Mar 18, 2026 | 1.36.0 | ||||
Authenticate: Redirect to Web with One Time Password | Mar 18, 2026 | 1.36.0 | |||
Authenticate: Fallback Authentication Framework | Sep 22, 2025 | 1.35.0 | |||
Authenticate: Redirect to App | Mar 18, 2026 | 1.36.0 | |||
Authorise: Authorisation to disclose | Mar 18, 2026 | 1.36.0 | |||
Authorise: Amending authorisations | Mar 18, 2026 | 1.36.0 | |||
Authorise: Authorisation to disclose joint account data | Sep 12, 2025 | 1.35.0 | |||
Consent management (Data recipient): Disclosure consents | Sep 23, 2025 | 1.35.0 | |||
Consent Management (Data recipient): Collection and use consents | Sep 17, 2025 | 1.35.0 | |||
Consent Management (Data recipient): Withdrawal | Sep 17, 2025 | 1.35.0 | |||
Notifications: CDR Receipts | Sep 23, 2025 | 1.35.0 | |||
Notifications: 90-day Notifications | Feb 27, 2025 | 1.33.0 | |||
Consent management (Data holder): Authorisations | Sep 23, 2025 | 1.35.0 | |||
Consent management (Data holder): Withdrawal | Sep 23, 2025 | 1.35.0 | |||
Consent Management (Data holder): Account permissions - Joint account disclosure option management service | Sep 26, 2025 | 1.35.0 | |||
Consent Management (Data holder): Account permissions - Secondary Users | Feb 26, 2025 | 1.33.0 | |||
Notifications: Joint account notification settings | Sep 25, 2025 | 1.35.0 |
For past versions, refer to Change log.
Last updated
This page was updated @Sep 26, 2025
Have your say
Community consultations and maintenance are part of our ongoing process. Here’s how you can get involved:
- Request new Guidelines or changes to existing Guidelines through the CX Guidelines Consultation process
- Request new Standards or changes to existing Standards through the Standards Maintenance process
- Log a ticket for any questions about the rules, standards, or guidelines through the CDR Support Portal
- Email your feedback to cx@dsb.gov.au
Quick links to CX Guidelines: