> ## Documentation Index > Fetch the complete documentation index at: https://docs.yapily.com/llms.txt > Use this file to discover all available pages before exploring further. # Payment Consents > Manage payment consents in Yapily. Create, use, and revoke consent tokens for single-use and recurring payment authorisations across supported institutions. For an overview of how consents work across both data access and payments, see [Understanding Consents](/concepts/consent-lifecycle). *** ## Introduction In order to process a payment on behalf of the user, the user will need to authenticate with their financial institution and give explicit consent. In most cases, this will involve redirecting users to the bank's authorisation screen either in the web browser or on a mobile device by redirecting to the url provided by the `authorisation-url` or `qr-code-url`. In any case, the goal is to obtain a `consent-token` which is supplied as the `Consent` header parameter to sign payments requests. Collectively we refer to this process as 'Obtaining a Consent' or 'Authorisation'. ## Consent Validity A PIS `consent-token` is single use only. Once the `consent-token` has been used to execute the payment, it can only be used to check the payment details. ## Authorisation Status Depending on which of the [payment authorisation flows](/open-banking-flow/user-authorisation/overview) the `Institution` your user is initiating a payment from, the `Consent` status may transition through a number of intermediary states. These states indicate an action that must either be performed by the user before you can be issued a `consentToken` to successfully initiate the payment: PaymentStatus-Yapily_Auth Status `UNKNOWN`: This is just the enumeration's default. ## Multiple Authorisations For some business and joint accounts, as part of the SCA process for Open Banking, your users may be required to give multiple authorisations to approve the initiation of a payment. The normal authorisation flow takes place for the first PSU, including getting receipt of the consent token. When you request payment execution and multiple authorisations are required: * The payment status will remain at `PENDING` * Information regarding the additional authorisations is included in the [MultiAuthorisationStatus](/api-reference/payments/get-payment-details#response-data-payments-items-status-details-multi-authorisation-status) object for the payment. This object contains details of how many authorisations are required and how many more need to be completed For example: ```json theme={null} { "data": { "id": "pv3-c8eece27-eb1a-4c27-a13c-2f805703dab2", "paymentIdempotencyId": "1d54cf71bfe44b1b8e67247aed455d96", "institutionConsentId": "sdp-1-aa9d0941-43ff-4abb-8129-4d56b620b8ee", "paymentLifecycleId": "69d554dea74276e8b1b44efb17fc45d1", "status": "PENDING", "statusDetails": { "status": "PENDING", "statusUpdateDate": "2019-09-26T15:38:33.401Z", "multiAuthorisationStatus": { "status": "AWAITING_FURTHER_AUTHORIZATION", "numberOfAuthorisationRequired": 2, "numberOfAuthorisationReceived": 1, "lastUpdatedDateTime": "2019-09-26T15:38:33.408Z" } } } } ``` The extra authorisations take place offline (phone, sms, text, email) and are completed by the owner of the business account or the other account holders of the joint account. As these are offline authorisations, they do not take place within Yapily's domain. Once the authorisations are completed, the payment status is updated. You can monitor the status of the payment using [Get Payment Details](/api-reference/payments/get-payment-details).