Skip to main content
Version: 1.7.3

Overview

Drop-in UI is a ready-made interface tailored to align with the existing design of your application/portal. TaxBandits API offers a drop-in UI for Form W-9 that can be integrated seamlessly into your existing systems with a minimal setup. It enables you to customize the W-9 page the way you want, leveraging HTML, JavaScript, and Bootstrap.

Benefits of Drop-in UI

  • Fully Customizable - You can customize every aspect of the W-9 page (secure URL), starting from logo and theme to font size and color.
  • Simple Setup - You can quickly load the drop-in UI into your application with a simple procedure.
  • Completely Secure - Our drop-in UI process has all the necessary security measures in place to ensure complete data protection.

How it Works

  • Construct Authentication Token (JWS) - Before initiating the Drop-in UI setup, you must construct JWS.

    • To Construct JWS, you must retrieve the API keys (User Token, Client ID, Client Secret) in the sandbox console.

    API Credentials

    • The JWS consists of 3 parts, as given below:

      Header:

      {
          "alg": "HS256", /*Algorithm = HS256*/
          "typ": "JWT" /*Type = JSON Web Token (JWT)*/
      }

      Payload:

      {
          "iss": "968a9c78dae29a29",  /*Issuer: Client ID retrieved from the console site*/
          "sub": "968a9c78dae29a29",  /*Subject: Client ID retrieved from the console site*/
          "aud": "a574b75f18b24fc09f9039ffb5cb08f3", /*Audience: User Token retrieved from the console site*/
          "iat": 1516239022 /*Issued at: Number of seconds from Jan 1 1970 00:00:00 (Unix epoch format)*/
      }

      Signature:

          HMACSHA256(
          base64UrlEncode(header) + "." +
          base64UrlEncode(payload),
          siqHfLy59g3UHxrb5gjxg  /*Client Secret retrieved from the console site*/

      )

    Sample JWS

        eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOi
        I5NjhhOWM3OGRhZTI5YTI5Iiwic3ViIjoiOTY4YTljNzhkYWUyOWEyOSIsImF1
        ZCI6ImE1NzRiNzVmMThiMjRmYzA5ZjkwMzlmZmI1Y2IwOGYzIiwiaWF0IjoxN
        TE2MjM5MDIyfQ.HNQznxlPyVt62kyUeVwtk1-uzm1uDWH4NBDLShA6Ac0

  • Get Transient Token - Once the JWS is constructed, send an API request to obtain the transient token . In order to obtain a transient token, you must pass the JWS in the "Authentication: {JWS Value}" HTTP Header and the Request Body must include the allowable origins (domains) to load the W-9 UI. This transient token expires in 15 minutes. If it's expired, you can get another token.

    note

    We have enabled the Content Security policy with the Frame Ancestor directive In our drop-in UI. This allows only the domains specified when generating a transient token, ensuring each request is validated.

  • Customize UI - Customize the JS for the Form W-9 page (secure URL) with your own branding elements as you prefer.

  • Load W-9 - Once the customization is complete, you can integrate the W-9 page into your application.

Drop In W9 final flow Diagram

Customization Options

   You can customize the following components of the W-9 page using Drop-in UI.

  • Textbox dropdown
    • Font color
    • Border color
    • Border focus color
    • Border radius color
  • Button
    • Primary color
    • Secondary color
    • Font color
  • Label color
  • Hyperlink color
  • Checkbox
    • Background color
  • Text
    • Heading color
    • Subheading color
    • Para color
    • Help text color