Auth Token

To access the TaxBit API and perform authenticated requests, you need to obtain a Bearer Token. This token serves as the authorization mechanism for subsequent API interactions. Follow the steps below to acquire a Bearer Token for further API access.

Authentication Flow

  1. Obtain your API credentials, including your client ID and client secret, from your TaxBit Implementation Manager.

  2. Make a POST request to the /oauth/token endpoint, providing your client ID and client secret.

    curl --request POST \
    --url '' \
    --header 'Content-Type: application/json' \
    --data '{
        "grant_type": "client_credentials",
        "client_id": "{{client-id}}",
        "client_secret": "{{client-secret}}"
  3. The API will authenticate your credentials and issue a Bearer Token in the response.

        "access_token": "{{bearer-token}}",
        "expires_in": 86400,
        "token_type": "Bearer"
  4. Store the received Bearer Token securely as it will be required for subsequent API requests. You must include the token in the Authorization header of each request as follows:

Authorization: Bearer <your_token>

Refreshing the Token

The Bearer Token has a limited lifespan, known as the token expiration time, which is provided as the expires_in field in the response from the /oauth/token endpoint. When the token expires, you need to retrieve a new token using your client ID and client secret as described above to continue accessing the API.

Token Security

Ensure that you handle the Bearer Token securely. It should be treated as sensitive information and not shared or exposed publicly. Use secure communication channels, such as HTTPS, when transmitting the token to and from the API.

Please refer to the TaxBit API documentation for further details on the /oauth/token endpoint, request payloads, and response formats.