# Consent using Mastercard Consent Management UI source: https://developer.mastercard.com/consent-management/documentation/use-cases/transaction-notifications/single-card-enrolment/card-auth-consent-ui/index.md ## Mastercard Consent Management UI {#mastercard-consent-management-ui} The experience should be familiar to most cardholders. First, the cardholder consents to the permissions that you are requesting and enters their card number. Then, the bank will then authenticate the user and ensure that only the genuine cardholders are authorized. Once that is complete, the card is linked to your service. ![Consent Flow](https://static.developer.mastercard.com/content/consent-management/documentation/images/consent-flow-2_1.png "Consent Flow") Diagram userconsent ## **Call To Action** {#strongcall-to-actionstrong-br} Display your **call to action** to the cardholder. We recommend that you inform cardholders of the benefits of enrolling their card into your service and outline the type of data you would like them to share. 1. Cardholder is asked to consent to share their transaction data with your service and is provided with the terms and conditions and privacy policy for the Mastercard Open APIs. 2. Cardholder proceeds by accepting terms and conditions. ## **Launch Consent Flow** {#stronglaunch-consent-flowstrong-br} Launching the consent flow requires you to generate a Json Web Token [JWT](https://developer.mastercard.com/consent-management/documentation/use-cases/transaction-notifications/single-card-enrolment/card-auth-consent-ui/index.md#jwt-creation). The consent flow is launched from a web view or an iframe through your application. Please investigate your SDK for details about launching a third-party URL experience. Mastercard directly interacts with the cardholder for authentication and consent collection. 3. Your service creates a JWT using the signing keys received as part of project creation. 4. Your service launches the Mastercard UI. 5. Mastercard UI notifies the cardholder about sharing data with your service. 6. Cardholder provides explicit consent to share their transaction data in real-time with your service. 7. Cardholder provides card details. 8. Cardholder is authenticated using the 3DS authentication method by their issuer. 9. Mastercard UI notifies the cardholder on successful authentication. ## **Your service is notified** {#strongyour-service-is-notifiedstrong-br} After the consent flow, your application will be notified and receive a card reference that will be used to identify cardholder notifications and make inbound calls to retrieve data. 10. Mastercard UI provides enrolment details(cardReference, first6, last4 etc.) to the parent window. ## Next Steps {#next-steps} To learn how to invoke mastercard consent management UI, check out the following [tutorial](https://developer.mastercard.com/consent-management/documentation/tutorials/auth-consent-ui/index.md).