Each Taxamo API invocation requires either public or private token. In some cases - POST /api/v2/transactions for example, both tokens can be used, resulting in more capabilities when the endpoint is invoked with a private token.

Public and private API tokens are available from a merchant dashboard panel. Public token is meant to be used when invoking the service through a user’s browser - for example from JavaScript.

Private token, on the other hand, is meant to be used when you are connecting from your service directly to the Taxamo REST API.

Tokens can be provided in two or three ways (depending on the request type):

  • query string parameter named respectively public_token or private_token
  • as an HTTP header named Public-Token for public token and Private-Token for private token
  • inside request body as a field named respectively public_token or private_token. This option is of course available only when the operation has request body - e.g. is a POST or PUT.
    Please consult documentation for individual endpoints to see what kind of access tokens are supported and how can they be supplied.

Test and production modes

There are two sets of API tokens:

  • Test tokens - used for testing and integration purposes. When using test tokens, transactions will not be settled with the actual tax authority, and if you are using Taxamo PSP integration, it will be invoked in test/sandbox mode.
  • Production tokens - transactions stored with production tokens will be used for actual settlement or billing.