/login API endpoint will allow your application to authenticate users with a verified account. Depending on the authentication method used (email address or mobile phone number), the end user will enter their identifier and a password or, when using a one-time password (OTP), will just enter an identifier and will be sent a single use code.
As a response to this call in Next Identity, if the user is not flagged in the database as having accepted your most recent consent agreements, you'll receive a successful response with a message that the user needs to accept consent agreements.
Our recommendation is that you then present them with your own screen to accept consent agreement, and that you pass that acceptance into the subsequent
/tokencall to Next Identity. Afterwards, it will be recorded in the user profile.
If the user has not verified their email address or mobile phone number, your application will not receive a successful response from the
/loginendpoint. This will be your indication that you will need to ask them to verify their user ID.