TaxuDOCS
DashboardSign in

Authentication

Secure your API requests with API keys and best practices

API Keys

Authenticate your API requests by including your API key in the Authorization header.

# Example Request
curl https://api.taxu.io/v1/returns \
-H
"Authorization: Bearer YOUR_API_KEY"
\
-H
"Content-Type: application/json"

Test vs Live Keys

Test Keys (pk_test_...)

Use test keys for development. No real tax returns are filed.

Live Keys (pk_live_...)

Use live keys in production. Real tax returns are filed with the IRS.

Security Best Practices

  • Never expose API keys in client-side code

    Always make API calls from your server

  • Store keys securely

    Use environment variables, never commit to version control

  • Rotate keys regularly

    Generate new keys periodically and revoke old ones