Skip to main content
@tesouro/embedded-components-react is currently in beta and not yet publicly available on npm. Contact your Tesouro representative to request early access.

Overview

The @tesouro/embedded-components-react package provides a set of React components that embed Tesouro functionality directly into your application. Wrap your app in EmbeddedProvider, then render any combination of components — no Next.js required.

Before you begin

You will need:
  • A Tesouro client ID and client secret (provided during onboarding)
  • A widget secret (TESOURO_WIDGET_SECRET) — a separate credential used to mint user-scoped widget tokens, also provided during onboarding

1. Install

2. Set up a widget token endpoint

Embedded components authenticate users via short-lived, user-scoped widget tokens — not your API access token. Your backend is responsible for minting these tokens and exposing them via an endpoint.
Widget tokens are user-scoped JWE tokens encrypted with your TESOURO_WIDGET_SECRET. They must be generated server-side to keep your credentials secure.
The endpoint should accept { userId, userEmail } and return { widgetToken }:
The widget token must include a required organization_reference claim — your opaque, stable identifier for the business the applicant belongs to. Resolve it on your backend from your own data; never accept it from the client.
The required environment variables:

3. Wrap your app with EmbeddedProvider

Import EmbeddedProvider and configure it with the current user’s identity and your token endpoint:

(Optional) Navigation adapter

By default, EmbeddedProvider uses browser-native navigation (window.history). Pass a navigationAdapter to integrate with your router:

(Optional) Style overrides

Customize the look and feel to match your platform:

Next steps