Core Feature
Consent Management
A consent session is a single, user-approved request. The user scans a QR and approves with biometrics; your app is notified by webhook. The same primitive powers login, transactions, document signing, and identity verification.
Consent intents
| Intent | Use case |
|---|---|
| LOGIN | Passwordless sign-in for a returning, enrolled user |
| TRANSACTION | Approve a payment or high-value action with biometrics |
| SIGNATURE | Biometrically sign a document |
| OAUTH | Share verified identity claims (see Verify with MID) |
Create a consent session
POST
/v1/consents/authCreate a consent session and return a QR payload
Request Body
| Parameter | Type | Required | Description |
|---|---|---|---|
| clientId | string | Yes | Your application's client ID |
| recipient | string | Yes | The enrolled user's phone number |
| intent | string | Yes | LOGIN, TRANSACTION, SIGNATURE, or OAUTH |
| callbackUrl | string | Yes | Signed webhook URL for the approval result |
| transaction | object | Yes | { type, description, amount, currency, payee } |
Create consent session
curl -X POST 'https://api.mobid.io/v1/consents/auth' \
-H 'Content-Type: application/json' \
-d '{
"clientId": "your_client_id",
"recipient": "+2348012345678",
"intent": "LOGIN",
"callbackUrl": "https://yourapp.com/api/mid/webhook",
"transaction": {
"type": "LOGIN",
"description": "Sign in to YourApp",
"amount": 0,
"currency": "NGN",
"payee": "your_client_id"
}
}'Response
{
"code": 201,
"error": false,
"message": "Consent created successfully",
"data": {
"sessionId": "b0f2…",
"qr": "<base64 png>",
"status": "pending"
}
}ℹ
Rendering the QR
Render
data.qr, or fetch a PNG directly from GET /v1/consents/qr/{type}/{sessionId}. The MID app encodes the session as mid://auth/{sessionId}.Session lifecycle
A session moves pending → APPROVED (or expires after 5 minutes). On approval MID posts a signed webhook to your callbackUrl. For OAUTH intent, the webhook also carries the verified claims.
GET
/v1/consents/auth/:sessionIdFetch consent details by session ID
ℹ
Next steps
For identity verification, use the Verify with MID guide (OAUTH intent). For handling the result, see Webhooks.