
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
@qonto/embed-sdk
Advanced tools
Use Qonto Embed in your website with a high level abstraction that will make your integration easy and fast.
npm install @qonto/embed-sdk
or
pnpm install @qonto/embed-sdk
or
yarn add @qonto/embed-sdk
import { initialize } from '@qonto/embed-sdk/common';
const accessToken =
'An access token you have previously generated from your app';
initialize({ accessToken });
Read more about how your users are onboarded and an access token is generated for them in the docs.
import { cards } from '@qonto/embed-sdk/cards';
const newCard = cards.orderCard(cardConfig);
We are in the early stages of the SDK implementation. While we will strongly attempt to avoid breaking changes, we may need to make some in the future. Note that while the SDK is in the v0.x stage, breaking changes might happen. Once we reach v1.0.0, we will follow semantic versioning strictly.
This SDK exposes a set of programmatic features that you can use to interact with Qonto services. These features are
grouped into namespaces under src (cards, sepa-transfers, beneficiaries...) and they mainly export functions that can
be called by SDK users. Most of those functions are wrappers around Qonto's third party REST API, but some have more
complex logic, like opening iframes to perform sensitive actions.
The SDK exposes a set of UI Elements that can be embedded in partners' web applications. These elements are standard Web
Components that can be used in any front-end framework or vanilla JavaScript app. The implementation is done using Lit,
and the components are available under the ui namespace under src.
Now that you have the SDK installed and initialized, you can start using it. Check the documentation for each namespace to get up to speed with the different features available.
FAQs
Library to embed Qonto features in your application
The npm package @qonto/embed-sdk receives a total of 66 weekly downloads. As such, @qonto/embed-sdk popularity was classified as not popular.
We found that @qonto/embed-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.