Blackbaud Checkout iFrame
As we’ve worked to implement Blackbaud Checkout, we had a question based on what we’re seeing in the documentation. Our goal is to avoid any processing/server-side-work on our end and simply use an iframe. It was our understanding that we could do this based on the description/docs:
Blackbaud Checkout
Blackbaud Checkout leverages a JavaScript iFrame to display a secure form within your application. The form appears to be a native part of your application, but sensitive card information is sent securely and directly to Blackbaud without exposing it to the consuming application.
However, we’re seeing that elsewhere in the documentation that we may still need to use an OAuth 2 flow: https://developer.blackbaud.com/skyapi/apis/payments/checkout/integration-guide/preloading-workflow#…<https://developer.blackbaud.com/skyapi/apis/payments/checkout/integration-guide/preloading-workflow#charge-transaction>
Can we get a clarification on how to implement this exclusively with an iframe?
Blackbaud Checkout
Blackbaud Checkout leverages a JavaScript iFrame to display a secure form within your application. The form appears to be a native part of your application, but sensitive card information is sent securely and directly to Blackbaud without exposing it to the consuming application.
However, we’re seeing that elsewhere in the documentation that we may still need to use an OAuth 2 flow: https://developer.blackbaud.com/skyapi/apis/payments/checkout/integration-guide/preloading-workflow#…<https://developer.blackbaud.com/skyapi/apis/payments/checkout/integration-guide/preloading-workflow#charge-transaction>
Can we get a clarification on how to implement this exclusively with an iframe?
0
Comments
-
Hey Andrea,
You'll have to do some server-side-work. The reason is we need a secured call from you to approve the transaction.
The Blackbaud Checkout documentation is describing the fact that it handles all of the sensitive payment information within an iFrame -- this means you and your code avoid essentially all of the PCI burden that comes with that information. While it handles gathering all of the data, we still require an authorized call to confirm the data originated with you and your code. Basically, you need a way to tell us "Hey, it's Andrea's App, if you saw a transaction come through with this id, it came from me and I approve it" and then we'll go "Oh hey, Andrea's App, we trust you, and we know about that transaction so we'll go approve it." The trick is proving to us who you are -- you can't put secret data in a web page, so it has to come from a backend service that you can secure.
Hope this helps and let me know if I can answer any other questions!0 -
Thanks! Our developers also had another question about a hosted form option. Is it possible to use a hosted option where you take our site CSS/HTML, use it as a wrapper on a hosted form, and we point a subdomain? I know our development team has done that in the past. Appreciate any additional insight you can provide on this.0
-
Hey Andrea,
I'm going to plead ignorance here since I'm not exactly sure what a "hosted form option" is (aren't all web forms hosted?). From a Checkout capability standpoint, we support some theming to match your site's look and feel. If you're asking about Blackbaud hosting an entire page that has the Checkout form on it, I think that's supported as well but requires the client have one of Blackbaud's other products that has that sort of CMS functionality.0
Categories
- All Categories
- 6 Blackbaud Community Help
- 211 bbcon®
- 1.4K Blackbaud Altru®
- 402 Blackbaud Award Management™ and Blackbaud Stewardship Management™
- 1.1K Blackbaud CRM™ and Blackbaud Internet Solutions™
- 15 donorCentrics®
- 360 Blackbaud eTapestry®
- 2.6K Blackbaud Financial Edge NXT®
- 657 Blackbaud Grantmaking™
- 577 Blackbaud Education Management Solutions for Higher Education
- 3.2K Blackbaud Education Management Solutions for K-12 Schools
- 941 Blackbaud Luminate Online® and Blackbaud TeamRaiser®
- 84 JustGiving® from Blackbaud®
- 6.7K Blackbaud Raiser's Edge NXT®
- 3.7K SKY Developer
- 248 ResearchPoint™
- 120 Blackbaud Tuition Management™
- 165 Organizational Best Practices
- 240 Member Lounge (Just for Fun)
- 34 Blackbaud Community Challenges
- 37 PowerUp Challenges
- 3 (Open) PowerUp Challenge: Grid View Batch
- 3 (Closed) PowerUp Challenge: Chat for Blackbaud AI
- 3 (Closed) PowerUp Challenge: Data Health
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Product Update Briefing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports+
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Email Marketing
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Gift Management
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Event Management
- 3 (Closed) Raiser's Edge NXT PowerUp Challenge: Home Page
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Standard Reports
- 4 (Closed) Raiser's Edge NXT PowerUp Challenge: Query
- 796 Community News
- 3K Jobs Board
- 54 Blackbaud SKY® Reporting Announcements
- 47 Blackbaud CRM Higher Ed Product Advisory Group (HE PAG)
- 19 Blackbaud CRM Product Advisory Group (BBCRM PAG)