# Verify Authentication
source: https://developer.mastercard.com/consent-management/documentation/tutorials/consents-tutorial/verify-auth/index.md

The last part of all authentication mechanisms is to call the Consent Management API
`/consents/{cardRef}/verify-authentication`.
* Java
* Python

```java
/**
 * Call Consent Management API to verify authentication (get challenge results 
 * if successful, consent status is updated APPROVED)
 * @param body
 * @param model
 * @return String
 * @throws ApiException
 */
@RequestMapping(value = "/verify-authentication", method = {RequestMethod.GET, RequestMethod.POST})
public String verifyAuthentication(@RequestParam Map<String, String> body,
                                    Model model) throws ApiException {

    Map params = new HashMap();

    VerifyAuthReq verifyAuthReq = new VerifyAuthReq();
    Auth auth = new Auth();
    auth.setParams(params);
    verifyAuthReq.setAuth(auth);
    VerifyAuthResp resp = apiService.verifyAuth(cardRef, verifyAuthReq);

    model.addAttribute("auth", resp.getAuth());
    return "auth-complete";
}
```

```python
@app.route("/verify-authentication", methods=['POST', 'GET'])
def verifyAuthentication():
    "challenge window is complete, need to call API to get the result of the authentication"
    print(f'verifyAuthentication called')

    verifyData = {} 

    # Call POST /consents/{cardRef}/verify-authentication to get results of 
    # the 3DS challenge. If authentication was successful the consent status is updated APPROVED.
    resp = callVerifyAuthentication(cardRef, verifyData)
    auth = resp["auth"]
    print(f'got {auth}')
    return render_template('auth-complete.html', **auth)

```

Once verification is complete, the authentication result will be shown.
Upon successful authentication, the consent status will be **APPROVED**.