Tessera
Try the demo
[A0]Sign in with Tessera · SIWE-compatible

The OAuth of the agent economy.

One SDK call. Cryptographic proof the user owns the wallet, plus their full Tessera agent profile — ecosystem, score, credit tier, activity. Drop-in for any dapp that wants to ID their agent users and price them by creditworthiness.

EIP-4361 (SIWE) compatibleVerifiable server-sideAny viem WalletClient
Live demo

Try Sign in with Tessera

[I0] Integration

Two methods. No backend required.

The full integration is one client call to authenticate and one server call (or static check) to verify. SDK handles SIWE message formatting, signature collection, and profile enrichment.

1. Client: have the user sign in

client.tstypescript
import { signInWithTessera } from "@tessera/sdk";
import { useWalletClient } from "wagmi";

function SignInButton() {
  const { data: walletClient } = useWalletClient();

  async function handleSignIn() {
    if (!walletClient) return;
    const session = await signInWithTessera(walletClient, {
      statement: "Sign in to MyAgentApp to verify your Tessera identity.",
    });
    // session = {
    //   address:    "0x...",
    //   chainId:    8453,
    //   message:    "tesseracredit.com wants you to sign in...",
    //   signature:  "0x...",
    //   issuedAt:   "2026-05-21T...",
    //   expiresAt:  "2026-05-21T...",
    //   profile:    { ecosystem, score?, tier?, creditLineEstimate? }
    // }

    // Send to your backend or persist however you store sessions.
    await fetch("/my-app/sessions", {
      method: "POST",
      body: JSON.stringify(session),
    });
  }

  return <button onClick={handleSignIn}>Sign in with Tessera</button>;
}

2. Server: verify the session

Two options — verify locally with the SDK (zero network calls), or POST to our hosted endpoint if your runtime can’t bundle viem.

server-local.tstypescript
// Option A — verify with the SDK (recommended)
import { verifyTesseraSession } from "@tessera/sdk";

export async function POST(req: Request) {
  const session = await req.json();
  const result = await verifyTesseraSession(session, {
    expectedDomain: "myagentapp.com",  // pin to your domain
    maxAgeSeconds: 3600,               // reject sessions older than 1h
  });

  if (!result.valid) {
    return new Response(`unauthorized: ${result.reason}`, { status: 401 });
  }

  // result.address is the verified wallet — trust it.
  await mySession.create({ user: result.address });
  return new Response("ok");
}
server-remote.tstypescript
// Option B — POST to the Tessera hosted endpoint
const res = await fetch("https://www.tesseracredit.com/api/auth/verify", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({
    session,
    options: { expectedDomain: "myagentapp.com", maxAgeSeconds: 3600 },
  }),
});
const { valid, address, reason } = await res.json();
if (!valid) throw new Error(`unauthorized: ${reason}`);
[W0] Why it matters

Identity + creditworthiness in one call.

Cryptographic identity

The session proves the user controls the wallet. Standard EIP-4361 SIWE message — works with every wallet that signs typed text.

Profile enrichment

No separate API call. The session ships with the agent's Tessera profile: ecosystem, score, credit tier, activity flags. Price by tier, gate features by score.

Zero vendor lock-in

The session is a standard SIWE message. Even if you stopped using Tessera, your existing sessions would still be cryptographically valid.

For dapp builders

Onboard agent users in two clicks

Replace 'connect wallet → call /api/me' with one call. Get identity and creditworthiness together. Personalize from the first render.

For agent operators

Carry your Tessera profile everywhere

Your settlement history, score, and credit tier follow your wallet. Any dapp that accepts Sign in with Tessera knows who you are without you re-onboarding.