Interface: ClientOperationSettings
Client-side operation settings that enforce proxy-based authentication. These settings are designed for browser environments where direct access to authentication tokens should be avoided for security reasons.Properties
accessToken?
Server-only properties are explicitly excluded from client settings. UseoptionalaccessToken:undefined
@qonto/embed-sdk/{namespace}/server for server-side operations.
debugMode?
Whether to enable debug mode for the SDK. If not provided, the SDK will default to false. If debug mode is enabled, it will print extra logging to the console during the execution of the SDK functions in which an iframe is involved.optionaldebugMode:boolean
idempotencyKey?
Optional idempotency key to use for the operation. If not provided, the SDK will generate a random key for the functions that require it.optionalidempotencyKey:string
locale?
The locale to use for the SDK. This is optional, and if not provided, it will default to English. Setting the locale will make the SDK render its UI in the specified language.optionallocale:string
mfaPreference?
The Multifactor Authentication (MFA) preference to use for the operations. This can be eitheroptionalmfaPreference:string
MFA_METHODS.PASSKEY, MFA_METHODS.PAIRED_DEVICE or
MFA_METHODS.SMS_OTP. If not provided, the SDK will default to ‘PASSKEY’.
paginationSettings?
Optional pagination settings to use for the operation. If the called function is not subject to pagination, this parameter will be ignored.optionalpaginationSettings:PaginationSettings
proxyEndpointDescriptor?
optionalproxyEndpointDescriptor:ProxyEndpointDescriptor
proxyEndpointDescriptor is a mechanism to avoid operating with sensitive
information, like the access token and the staging token, in client side
environments. Using them in client side could lead to data leak. It works as
follows:
Qonto Embed exposes a proxy endpoint in its API that is capable of getting
requests prepared by the SDK. In your web application, you must implement a
backend endpoint that receives a string value in the body,
adds the access token in the Authorization header and calls the Qonto
Embed proxy endpoint with the string payload you received. The proxyEndpointDescriptor
the SDK expects is an object in which you will describe the call to your
backend endpoint.
proxyRequestFunction?
Required for client-side operations: either proxyRequestFunction or proxyEndpointDescriptor.optionalproxyRequestFunction:ProxyRequestFunction
proxyRequestFunction is a mechanism to avoid operating with sensitive
information, like the access token and the staging token, in client side
environments. Using them in client side could lead to data leak. It works as
follows:
Qonto Embed exposes a proxy endpoint in its API that is capable of getting
requests prepared by the SDK. In your web application, you must implement a
backend endpoint that receives a string value in the body,
adds the access token in the Authentication header and calls the Qonto
Embed proxy endpoint with the string payload you received. The proxyRequestFunction
the SDK expects is a function in which you will implement the call to your
backend endpoint. It receives a string parameter, it must perform a call to
your endpoint and return the data the endpoint sends you back.
scaSessionToken?
optionalscaSessionToken:undefined
stagingToken?
optionalstagingToken:undefined
uiParentElementId?
The id of the element where the SDK UI for sensitive operations will be rendered. Required for operations that involve UI components (e.g., SCA flows).optionaluiParentElementId:UIParentElementId