# Verify Authentication source: https://developer.mastercard.com/consent-management/documentation/tutorials/card-consents-tutorial/verify-auth/index.md The last part of all authentication mechanisms is to call the Consent Management API `/consents/{cardRef}/verify-authentication`. * Java * Python ```java /** * Call Consent Management API to verify authentication or * get challenge results. (If successful consent status is updated to APPROVED). * * @return String * @throws ApiException */ @RequestMapping(value = "/verify-authentication", method = {RequestMethod.GET, RequestMethod.POST}) public String verifyAuthentication(RedirectAttributes redirectAttrs, Model model) { Map params = new HashMap<>(); VerifyAuthReq verifyAuthReq = new VerifyAuthReq(); Auth auth = new Auth(); auth.setParams(params); verifyAuthReq.setAuth(auth); try { VerifyAuthResp resp = apiService.getApiClient().verifyConsentsAuth(cardRef, verifyAuthReq); redirectAttrs.addFlashAttribute("authStatus", resp.getAuth().getStatus()); redirectAttrs.addFlashAttribute("cardRef", cardRef); return "redirect:/consents"; } catch (ApiException e) { model.addAttribute(ERROR_MSG, e.getResponseBody()); } catch (Exception e) { model.addAttribute(ERROR_MSG, e.getMessage()); } return ERROR_TEMPLATE; } ``` ```python @app.route("/verify-authentication", methods=['POST', 'GET']) def verify_authentication(): """ Challenge window is complete, need to call API to get the result of the authentication """ verify_data = {} # Call POST /consents/{cardRef}/verify-authentication to verify results of # the 3DS challenge. If authentication was successful the consent status is updated to APPROVED. resp = api_verify_authentication(session['card_ref'], verify_data) session['auth_status'] = resp["auth"]["status"] return redirect(url_for('consents_info')) ``` Once verification is complete, the authentication result will be shown in the consent info page. Upon successful authentication, the consent status will be **APPROVED**.