> For the complete documentation index, see [llms.txt](https://legacy-docs.usesmileid.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://legacy-docs.usesmileid.com/integration-options/web-mobile-web/web-integration/end-user-consent.md).

# End User Consent

**Scope:** [Basic KYC](/products/for-individuals-kyc/basic-kyc.md), [Biometric KYC](/products/for-individuals-kyc/biometric-kyc.md), [Enhanced KYC](/products/for-individuals-kyc/identity-lookup.md)

End-User consent can be requested as part of your Web Integration configuration using the `consent_required` configuration documented in the Usage Page, or required by the ID Authority.\
\
Where required by the ID Authority, the Consent Screens will be added as part of the user KYC process. Where not required by the ID Authority, we only show the Consent Screens when provided as part of the Web Integrations configuration.

## The Consent Approaches

Depending on the id type you are accessing, there are two different approaches users will be required to grant consent. They are:

* UI / visual consent
* UI / visual consent + Time-based One-Time Password (TOTP)

### UI / Visual Consent

The first approach starts with a single consent screen

#### End-User Consent Request

<figure><img src="/files/vfsfKZ06rAGSoDYuwA0U" alt=""><figcaption></figcaption></figure>

On clicking the "Cancel" button, the user is then prompted to be sure they wish to cancel.

#### End-User Consent Denied

<figure><img src="/files/CTrBb7GNCN2g9HDGWhAB" alt=""><figcaption></figcaption></figure>

If they wish to cancel and click the "No, Cancel Verification" button, an event is published notifying that `SmileIdentity::ConsentDenied`.\
\
This event triggers the `onError` handler set up when configuring the Web Integration, if it exists.

#### End-User Consent Granted

If the end-user clicks the "Allow" button, they proceed to provide accompanying user information like the ID Number, and some PII information in the case of Basic and Biometric KYC.\
\
The final request to the Smile ID software system is enhanced with information that we store in our records stating that we got end-user consent.

### UI / Visual Consent + Time-based One-Time Password

This approach starts with the visual consent flow, but requires the user to verify they have the right to grant consent by providing an OTP sent to the registered contact methods for the ID Type.

Currently, only Bank Verification Number (BVN), `BVN_MFA` id type, in Nigeria requires this consent approach.

In this flow, the user gets prompted for their ID number after clicking "Allow" in the Visual Consent phase.

#### ID Number Request

<figure><img src="/files/yRSbvFUuAbTPFdO64dDm" alt=""><figcaption></figcaption></figure>

On submitting their ID number, the OTP Delivery Methods are queried.

#### Select Contact Method

<figure><img src="/files/gt2JwOEgIKDM0mEWsU93" alt=""><figcaption></figcaption></figure>

Here, the user has the chance to select one of the contact methods to receive a TOTP.

#### Contact Methods Outdated

If the contact methods presented are outdated, and the user clicks the "I am no longer using any of these options" button, an event is published notifying that `SmileIdentity::ConsentDenied::TOTP::ContactMethodsOutdated`

This event is published along with some extra information in the shape:

```json
{
  "id_number": "<id_number provided by the user>",
  "message": "SmileIdentity::ConsentDenied::TOTP::ContactMethodsOutdated"
}
```

This event object also triggers the `onError` handler set up when configuring the Web Integration, if it exists. We advise that our integrating partners use this to provide an off-ramp approach for their users.

#### OTP Verification Screen

When a user selects one of the contact methods and clicks "Continue", they are then directed to the OTP Verification screen

<figure><img src="/files/Tq7BouyLGxSA03w950TN" alt=""><figcaption></figcaption></figure>

On provision of a valid OTP, the user is directed to the PII or Biometric Data collection screens for Basic KYC and Biometric KYC, or the request is submitted for Enhanced KYC.

## Usage

To use the End User Consent screens in your configuration, we use the `consent_required` field when instantiating the Web Integration. See an example below.

```javascript
window.SmileIdentity({
  token,
  product,
  callback_url,
  environment,
  consent_required: {
    KE: ["ALIEN_CARD", "NATIONAL_ID", "PASSPORT"],
    NG: ["BVN", "BVN_MFA", "DRIVERS_LICENSE", "V_NIN", "VOTER_ID"],
  },
  partner_details: {
    partner_id,
    signature,
    timestamp,
    name: "Demo Account",
    logo_url: "https://via.placeholder.com/50/000000/FFFFFF?text=DA",
    policy_url: "https://usesmileid.com/privacy-privacy",
    theme_color: "#000",
  },
});
```

**N.B.:** This configuration is subject to the ID Authority's requirements. If the ID Authority requires End User Consent, the Web Integration displays the screen regardless of the configuration options.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://legacy-docs.usesmileid.com/integration-options/web-mobile-web/web-integration/end-user-consent.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
