Overview
As of November 2025, Synctera switched to an own widget for tokenizing external cards. This widget is described here. For instructions on how to migrate to the Synctera widget, see here.Tokenize card
To enable customers to add card-on-file, you first need to tokenize the card through integration with the TabaPay Cards Tokenization widget. The widget allows for direct communication between the client, TabaPay, and Synctera, eliminating the need for the integrator to have PCI certification. This integration is described step-by-step below.Getting started
Before integrating with TabaPay Card PCI-Compliant iFrame, ensure that you have all the necessary components in place:- Ensure Synctera API keys are provisioned and working for your business;
- Ensure external cards have been enabled for your program with your Synctera implementation and onboarding contact;
- If integrating in a mobile application, you may need to use a web view such as a WKWebView in a iOS application, WebView in an android application, or a WebView in React Native;
- Content security policies should be set in the application using the following directives:
Display iFrame and tokenize an External Card
The steps below describe how to display TabaPay PCI-Compliant iFrame:- Add an iFrame tag to the desired webpage:
- Set the iFrame source for the appropriate environment:
- prod: “https://sso.tabapay.com/SSOSynctera.html”
- sandbox: “https://sso.sandbox.tabapay.com:8443/SSOSynctera.html”
- Add an event listener and handler for TabaPay events:
💡 For more information on card tokenization using TabaPay PCI-Compliant iFrame, refer to the TabaPay documentation.
Customization Options
The TabaPay Browser SDK provides a number of customization options for controlling the layout and appearance of the TabaPay Card PCI-Compliant iFrame. See TabaPay Browser SDK for additional details and specific customization options.Migration Guide: TabaPay to Synctera widget
This guide helps you migrate from the TabaPay Browser SDK widget to the Synctera External Card Creation Widget.Quick Comparison
| Feature | TabaPay Widget | Synctera Widget |
|---|---|---|
| Initialization | tabaPaySdk.createIframe() | <external-card-creation> web component |
| Script Loading | External TabaPay SDK script | External widget script |
| Configuration | JavaScript object | HTML attributes |
| DOM Integration | Returns { element } to append | Direct web component usage |
| Token Return | Pipe-separated string "last4|expiry|token" | Event detail with { token, card_data } |
| Event Listeners | Config object with functions | DOM event listeners (success/failure) |
| Styling | Inline config objects | Theme attribute + (CSS variables coming soon) |
| Environment | clientId (sandbox/production) | env attribute + token |
Step-by-Step Migration
Step 1: Update Script Tag
Before (TabaPay):Step 2: Replace Widget Initialization
Before (TabaPay):Step 3: Update Token Handling
Before (TabaPay):Step 4: Update Event Listeners
Before (TabaPay):Feature Mapping
Basic Configuration
| TabaPay | Synctera Widget |
|---|---|
cardNumberInput.separator | theme options (css coming soon) |
expirationDateInput.placeholderText | custom-labels='{"cardExpPlaceholder": "mm/yy"}' |
cscInput.labelText | custom-labels='{"securityCodeLabel": "CVV"}' |
Styling
| TabaPay | Synctera Widget |
|---|---|
labelStyle.fontWeight | CSS styling or theme customization |
inputStyle.backgroundColor | theme="night-shift" or (custom CSS coming soon) |
inputStyle.borderStyle | Theme-based or (custom CSS coming soon) |
invalidStyle.textColor | Theme-based or (custom CSS coming soon) |
Buttons
| TabaPay | Synctera Widget |
|---|---|
buttons.submit.backgroundColorEnabled | Theme-based styling |
buttons.submit.backgroundColorHover | Theme-based styling |
buttons.reset | Built-in Clear button (clears all fields) |
buttons.cancel | Not included by default |
Complete Migration Example
Before: TabaPay Implementation
After: Synctera Widget Implementation
Key Differences to Remember
1. Token Format
- TabaPay: Returns pipe-separated string
"last4|expiry|token"- you must extract the token - Synctera: Returns structured object
{ token, card_data }- token is ready to use
2. Widget Token vs Client ID
- TabaPay: Uses
clientIddirectly in config - Synctera: Requires fetching a
widget_tokenfrom your backend API first, then passing it to the widget
3. DOM Integration
- TabaPay: Returns an element you must append to DOM
- Synctera: Web component is declaratively added to HTML
4. Event Handling
- TabaPay: Config object with function callbacks
- Synctera: Standard DOM event listeners (
addEventListener)
5. Styling
- TabaPay: Inline configuration objects
- Synctera: Can swap themes to get closest to the look you want (custom css style coming soon)
6. Buttons
- TabaPay: Includes submit, reset, and cancel buttons
- Synctera: Includes submit and clear buttons (clear button clears all fields; cancel can be added via custom code)
Migration Checklist
- Update script tag to load Synctera widget
- Replace
tabaPaySdk.createIframe()with<external-card-creation>component - Update backend to provide widget tokens (instead of using clientId directly)
- Replace event listener config with DOM event listeners
- Update token extraction logic (remove pipe-splitting, use
event.detail.token) - Map styling preferences to theme (custom CSS still to come)
- Test in sandbox environment
- Update API calls to use new token format
- Update reset button logic (use built-in Clear button; cancel can be added via custom code if needed)
- Test all payment flows
Getting Your Widget Token
Unlike TabaPay’sclientId, the Synctera widget requires a widget token from your backend: