Overview
Monndé Visa is the central identity, authentication, and consent management service for the Monndé ecosystem. It provides a secure, unified way to identify users across multiple applications (such as AAC and Medyp) while keeping consent and data privacy strictly scoped to each service.
Unified Identity
Single Sign-On (SSO) experience across all supported platforms.
Granular Consent
Service-specific marketing consents with immutable audit logs.
Key Architectural Concepts
Source-Aware Access
Every request to the Visa API must include the X-Source-Token header. This token identifies the calling service (e.g., AAC Web, Medyp iOS), not the user; the user is identified by the access token issued at login. Because source tokens are shipped inside public clients (see Important Notes), treat the header as an identifier of which application is calling, not as proof of it. Visa uses the source token to:
- Enforce rate limits per application.
- Log audit trails for consent changes.
- Determine which service's marketing consent is being read or updated.
The "Source of Truth"
The /auth/me endpoint is the definitive source of truth for user state. Client applications must not cache that state (especially consents) for long: fetch it fresh at the start of every session, and re-fetch rather than rely on a stored copy before acting on a consent, so that the decision you act on is the one the user actually holds.
Consent Scope
Privacy Consent: Global and immutable. Required to have an account.
Marketing Consent: Per-service. A user can agree to marketing from "AAC" but decline "Medyp". Visa tracks these independently based on the Source Token used during the update.
Authentication
Visa supports passwordless authentication via OTP (email) and OAuth2 social providers. Tokens are standard JWTs: an access token and a refresh token. Treat the refresh token as a long-lived secret: keep it in protected storage and out of URLs, logs and any code path that does not need it.
OTP Flow
The primary method for direct authentication. Both requests must carry the X-Source-Token header, like every other Visa call.
1. Request OTP
Request body:
{
"email": "user@example.com",
"privacy_consent": true,
"marketing_consent": false
}
2. Verify OTP
Response on success:
{
"token": "ey...<access_token>",
"refresh_token": "ey...<refresh_token>",
"user": {
"id": "usr_12345",
"email": "user@example.com",
"first_name": "Jane",
...
}
}
Social Login
Initiate social login by redirecting the user's browser, passing the following parameters:
return_url: URL to redirect back to after success. Use a fixed URL on a domain you control and never build it from untrusted input; a caller-controlled return_url is an open redirect.
source_token: The source token of your app.
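The OTP flow above, modelled end to end as an added example. This is illustrative code written for this page, not Monndé Visa's implementation: the source-token values, the 6-digit / 5-minute / 5-attempt OTP policy, the HS256 dev key and the token lifetimes are all assumptions. What it demonstrates is the set of checks a verify step needs: source token present on both calls, privacy consent required at signup, the code stored only as a keyed hash and compared in constant time, expiry, an attempt cap, and single use so that a replayed code fails.

```python
# Added example, not Monndé Visa's code: an in-memory model of the OTP flow
# (request OTP -> verify OTP -> access/refresh JWTs). Assumptions: source-token
# values, 6-digit codes, 5-minute validity, 5 attempts, HS256 dev key, token lifetimes.
import base64
import hashlib
import hmac
import json
import secrets
import time

SIGNING_KEY = b"dev-only-signing-key-assumed"  # assumption: HS256 secret (KMS-held in production)
OTP_PEPPER = b"dev-only-otp-pepper-assumed"    # assumption: keyed hash so a leaked table cannot be brute-forced offline
OTP_DIGITS, OTP_TTL_SECONDS, MAX_ATTEMPTS = 6, 300, 5   # assumptions
ACCESS_TTL, REFRESH_TTL = 15 * 60, 30 * 24 * 3600      # assumptions

# Constructed registry of X-Source-Token values -> calling service (the page names
# the header, not the token values).
SOURCE_TOKENS = {"src_aac_web_demo": "aac_web", "src_medyp_ios_demo": "medyp_ios"}

_pending = {}  # email -> outstanding OTP record
_users = {}    # email -> user record


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def mint_jwt(claims: dict) -> str:
    """Minimal HS256 JWT (header.payload.signature); hence the 'ey...' prefix shown on the page."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signature = hmac.new(SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(signature)}"


def verify_jwt(token: str) -> dict:
    """Checks the HS256 signature in constant time, then returns the claims."""
    header, payload, signature = token.split(".")
    expected = hmac.new(SIGNING_KEY, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_b64url(expected), signature):
        raise PermissionError("invalid token signature")
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def _otp_hash(code: str) -> str:
    return hmac.new(OTP_PEPPER, code.encode(), hashlib.sha256).hexdigest()


def _service_for(source_token):
    service = SOURCE_TOKENS.get(source_token)
    if service is None:
        raise PermissionError("missing or unknown X-Source-Token")
    return service


def request_otp(body: dict, source_token: str, now=None) -> str:
    """Step 1. Returns the code Visa would e-mail; returned here only so the model is testable."""
    service = _service_for(source_token)
    if body.get("privacy_consent") is not True:
        raise ValueError("privacy_consent is required to have an account")
    now = time.time() if now is None else now
    code = "".join(secrets.choice("0123456789") for _ in range(OTP_DIGITS))
    _pending[body["email"]] = {
        "hash": _otp_hash(code),            # never store the code itself
        "expires": now + OTP_TTL_SECONDS,
        "attempts": 0,
        "service": service,                 # consent below is recorded for this service only
        "marketing_consent": bool(body.get("marketing_consent", False)),
    }
    return code


def verify_otp(email: str, code: str, source_token: str, now=None) -> dict:
    """Step 2. Single-use, expiring, attempt-limited, constant-time comparison."""
    _service_for(source_token)              # header is required on the verify call too
    now = time.time() if now is None else now
    entry = _pending.get(email)
    if entry is None or now > entry["expires"]:
        _pending.pop(email, None)
        raise PermissionError("no valid OTP outstanding; request a new one")
    entry["attempts"] += 1
    if entry["attempts"] > MAX_ATTEMPTS:
        _pending.pop(email, None)           # invalidate rather than let guessing continue
        raise PermissionError("too many attempts; request a new OTP")
    if not hmac.compare_digest(_otp_hash(code), entry["hash"]):
        raise PermissionError("incorrect code")
    _pending.pop(email)                     # single use: a replayed code fails
    user = _users.setdefault(email, {"id": "usr_" + secrets.token_hex(4), "email": email,
                                     "first_name": None, "privacy_consent": True, "marketing": {}})
    user["marketing"][entry["service"]] = entry["marketing_consent"]   # per-service, keyed by source token
    issued = int(now)
    return {
        "token": mint_jwt({"sub": user["id"], "typ": "access", "iat": issued, "exp": issued + ACCESS_TTL}),
        "refresh_token": mint_jwt({"sub": user["id"], "typ": "refresh", "iat": issued, "exp": issued + REFRESH_TTL}),
        "user": {"id": user["id"], "email": user["email"], "first_name": user["first_name"]},
    }
```

request_otp returns the code only so the exchange can be exercised offline; in the real service the code goes out by e-mail and nothing in the Request OTP response lets a caller skip that step.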
Session & Profile Management
Get Profile
Retrieves the full user profile including current consents. This is the source of truth.
{
"id": "usr_98765",
"email": "jane@example.com",
"first_name": "Jane",
"last_name": "Doe",
"consents": {
"privacy_consent": true,
"marketing_consent": false, // Specific to the calling service
"updated_at": "2025-11-15T10:00:00Z"
},
"deletion": {
"pending": false,
"scheduled_for": null
}
}
Update Profile
Update basic profile information.
{
"first_name": "Jane",
"last_name": "Smith",
"phone": "+15550001234"
}
Account Deletion
Critical: Deletion is soft. A deletion request schedules the account for removal 30 days later. During this window the user cannot access services, but logging in restores the account. Calling services can see this state in the deletion object returned by /auth/me.
Schedule Deletion
Initiates the 30-day countdown.
Cancel Deletion
Restores the account immediately to active status.
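The deletion lifecycle above as an added example, written for this page rather than taken from Monndé Visa. The 30-day window comes from the page; that a repeated Schedule Deletion is idempotent (so a second request cannot push the date out), that restoration fails once the window has elapsed, and the purge job that finally removes the account are assumptions.

```python
# Added example, not Monndé Visa's code: an in-memory model of the 30-day soft-deletion
# window. Idempotent scheduling, the hard cut-off for restoration and purge_due are assumed.
from datetime import datetime, timedelta, timezone

DELETION_WINDOW = timedelta(days=30)   # from the page


def new_user(user_id: str) -> dict:
    return {"id": user_id, "deletion": {"pending": False, "scheduled_for": None}}


def schedule_deletion(user: dict, now: datetime) -> dict:
    """Schedule Deletion: starts the countdown. Assumed idempotent so a repeat cannot move the date."""
    if not user["deletion"]["pending"]:
        user["deletion"] = {"pending": True, "scheduled_for": now + DELETION_WINDOW}
    return user


def cancel_deletion(user: dict, now: datetime) -> dict:
    """Cancel Deletion: restores the account while the window is open (assumed impossible after it)."""
    if not user["deletion"]["pending"]:
        return user
    if now >= user["deletion"]["scheduled_for"]:
        raise PermissionError("deletion window has elapsed; the account can no longer be restored")
    user["deletion"] = {"pending": False, "scheduled_for": None}
    return user


def service_access_allowed(user: dict) -> bool:
    """What a calling service must enforce: no access while deletion is pending (from the page)."""
    return not user["deletion"]["pending"]


def login(user: dict, now: datetime) -> dict:
    """Logging in during the window restores the account (from the page)."""
    return cancel_deletion(user, now)


def deletion_view(user: dict) -> dict:
    """The 'deletion' object as /auth/me presents it, using the page's 'Z' timestamp form."""
    when = user["deletion"]["scheduled_for"]
    return {"pending": user["deletion"]["pending"],
            "scheduled_for": when.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ") if when else None}


def purge_due(users: dict, now: datetime) -> list:
    """Assumed background job: hard-delete accounts whose window has closed; returns the ids removed."""
    due = [uid for uid, u in users.items()
           if u["deletion"]["pending"] and now >= u["deletion"]["scheduled_for"]]
    for uid in due:
        del users[uid]
    return due
```

The boundary is deliberate: at exactly scheduled_for the account is no longer restorable and is eligible for purge, so there is no instant at which both a restore and a purge could succeed.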
Consent Management
Manage service-specific consents. Note that privacy consent is immutable; only marketing consent can be toggled.
Request Marketing Consent Change
Record a user's decision to opt-in or opt-out of marketing communications for the service identified by the X-Source-Token.
{
"marketing_consent": true
}
Confirm Consent Status
Explicitly check the marketing consent status for the current service context.
{
"service": "aac_web",
"marketing_consent": true,
"last_updated": "2025-12-01T14:30:00Z"
}
Important Notes
Never expose your Client Secret or sensitive configuration in client-side code. Source Tokens are generally safe for public clients, but check your specific integration guide. Because a Source Token can be recovered from a public client, it only identifies the calling application; do not rely on it as a secret or as proof of where a request came from.
API calls are CORS-restricted: ensure your domain is allowlisted in the Monndé Developer Console, and use the environment base URL provided during onboarding. CORS is enforced by browsers only; it limits which web origins can read responses and does not authorize non-browser callers, so it is not a substitute for the access token and source token checks.
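A closing worked example that ties together Source-Aware Access, Consent Scope and the Consent Management endpoints: an in-memory model of how a service in Visa's position resolves X-Source-Token, rate-limits per application, keeps marketing consent per service, refuses changes to privacy consent, and keeps an append-only audit log. This is added illustrative code, not Monndé Visa's implementation; the token values, the rate-limit numbers, the audit record layout (hash-chained so tampering is detectable) and the opted-out default for a service with no recorded decision are assumptions.

```python
# Added example, not Monndé Visa's code: an in-memory model of source-aware consent
# handling. Assumptions: source-token values, per-service rate limits, the hash-chained
# audit layout, and "no recorded decision" meaning opted out.
import hashlib
import json
from collections import deque


class RateLimited(Exception):
    """Would be an HTTP 429 on the wire."""


# Constructed registry: X-Source-Token value -> calling service.
SOURCE_TOKENS = {"src_aac_web_demo": "aac_web", "src_medyp_ios_demo": "medyp_ios"}
RATE_LIMITS = {"aac_web": (100, 60.0), "medyp_ios": (20, 60.0)}  # (requests, window seconds), assumed

_users = {}     # user id -> record
_windows = {}   # service -> deque of request timestamps (sliding window)
_audit = []     # append-only audit log; never updated or deleted in place


def seed_user(user_id, email, first_name, last_name):
    """Constructed account; privacy consent is True because it is required to have an account."""
    _users[user_id] = {"id": user_id, "email": email, "first_name": first_name,
                       "last_name": last_name, "privacy_consent": True, "marketing": {}}


def _authorize_source(headers, now):
    """Resolve X-Source-Token to a service and apply that service's rate limit."""
    service = SOURCE_TOKENS.get(headers.get("X-Source-Token"))
    if service is None:
        raise PermissionError("missing or unknown X-Source-Token")
    limit, window = RATE_LIMITS[service]
    q = _windows.setdefault(service, deque())
    while q and now - q[0] >= window:     # drop requests that left the window
        q.popleft()
    if len(q) >= limit:
        raise RateLimited(f"{service} exceeded {limit} requests per {window:.0f}s")
    q.append(now)
    return service


def _audit_append(record):
    prev = _audit[-1]["hash"] if _audit else "0" * 64
    digest = hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()
    _audit.append({**record, "prev": prev, "hash": digest})


def audit_log():
    return _audit


def audit_intact():
    """Re-walk the hash chain; False if any entry was altered, reordered or removed."""
    prev = "0" * 64
    for entry in _audit:
        record = {k: v for k, v in entry.items() if k not in ("prev", "hash")}
        expected = hashlib.sha256((prev + json.dumps(record, sort_keys=True)).encode()).hexdigest()
        if entry["prev"] != prev or entry["hash"] != expected:
            return False
        prev = entry["hash"]
    return True


def _status(user, service):
    value, at = user["marketing"].get(service, (False, None))   # assumed default: opted out
    return {"service": service, "marketing_consent": value, "last_updated": at}


def update_marketing_consent(user_id, headers, body, now):
    """Request Marketing Consent Change: only the calling service's marketing flag can change."""
    service = _authorize_source(headers, now)
    if "privacy_consent" in body:
        raise ValueError("privacy_consent is immutable")
    value = body.get("marketing_consent")
    if not isinstance(value, bool):
        raise ValueError("marketing_consent must be true or false")
    user = _users[user_id]
    user["marketing"][service] = (value, now)
    _audit_append({"user": user_id, "service": service, "marketing_consent": value, "at": now})
    return _status(user, service)


def consent_status(user_id, headers, now):
    """Confirm Consent Status for the service identified by the source token."""
    return _status(_users[user_id], _authorize_source(headers, now))


def get_me(user_id, headers, now):
    """/auth/me: the source of truth; marketing_consent is the calling service's value."""
    service = _authorize_source(headers, now)
    user = _users[user_id]
    status = _status(user, service)
    return {"id": user["id"], "email": user["email"], "first_name": user["first_name"],
            "last_name": user["last_name"],
            "consents": {"privacy_consent": user["privacy_consent"],
                         "marketing_consent": status["marketing_consent"],
                         "updated_at": status["last_updated"]}}
```

Note that the rate limiter runs before any validation, so rejected requests (bad body, immutable field) still count against the calling application, and that the same user reads a different marketing_consent from /auth/me depending on which source token the request carried.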