Public API
v1Connect your app to TaxTask in under 5 minutes. Use your API key and the endpoints below. Works from any language or tool (curl, Python, JavaScript, etc.).
Version is in the URL path (/v1). This version is stable; breaking changes will use a new path (e.g. /v2).
Quick start
- Get an API key. Log in, go to Settings → API, create a key, and copy it. It is shown only once.
- Base URL:
https://api.taxtask.com/v1 - Send a request. Add your key to every request (see Authentication below).
Don't have an account? Sign up first, then create an API key.
Authentication
Send your API key on every request using either header:
Authorization: Bearer YOUR_API_KEYX-Api-Key: YOUR_API_KEY
Keys use tt_ prefix. Keep them secret — use environment variables, never commit to source control.
Scopes
Each key has scopes that control access. Choose the minimum required:
read:transactions— List and view transactionswrite:transactions— Create, update, delete transactionsread:invoices— List and view invoiceswrite:invoices— Create, update, delete invoicesread:tax— View PIT assessments, reliefs, and filing historywrite:tax— File PIT returnsread:integrations— List connected integrationswrite:integrations— Trigger syncs for integrationsadmin:all— Full access (all endpoints)
Endpoints
All endpoints return JSON. Paginated lists include data and meta (page, limit, total, total_pages).
Health
Check API status. No API key required.
Transactions
List transactions for your account.
Scope: read:transactions or admin:all
Query: page, limit (max 50), status (optional).
Create a transaction.
Scope: write:transactions or admin:all
Required: date, description, type, amount. Supports Idempotency-Key.
Update a transaction.
Scope: write:transactions or admin:all
Delete a transaction.
Scope: write:transactions or admin:all
Invoices
List invoices for your account.
Scope: read:invoices or admin:all
Query: page, limit (max 50), status (optional).
Create an invoice.
Scope: write:invoices or admin:all
Required: invoice_number, issue_date, total_amount. Supports Idempotency-Key.
Update an invoice.
Scope: write:invoices or admin:all
Delete an invoice.
Scope: write:invoices or admin:all
Personal Income Tax (PIT)
Get PIT assessment for the authenticated user.
Scope: read:tax or admin:all
Query: tax_year (required).
List available PIT reliefs and eligibility.
Scope: read:tax or admin:all
File a PIT return with the relevant State IRS.
Scope: write:tax or admin:all
Required: tax_year, state_irs_code, assessment_id. Supports Idempotency-Key.
File a PIT return. Accepts fiscalYear, stateCode, assessmentId, and amount.
Scope: write:tax or admin:all
Required: fiscalYear, stateCode, assessmentId, amount. Supports Idempotency-Key. Returns assessmentId and filingHistoryId.
Get PIT filing history.
Scope: read:tax or admin:all
Query: page, limit (max 50).
Remita PIT Payment
Generate a Remita RRR for PIT payment.
Scope: write:tax or admin:all
Required: fiscalYear, stateCode, amount, tin. Returns rrr, stateIRS, paymentUrl.
Check PIT payment status via Remita.
Scope: read:tax or admin:all
Query: fiscalYear (required).
Tax Rates
Get current tax rate brackets. No API key required.
Query: tax_type (required) — pit, cit, vat, or wht.
Integrations
List connected integrations (banking, investment, crypto, payroll). Supported providers include Mono, BambooHR, Bybit, Cowrywise, and PiggyVest.
Scope: read:integrations or admin:all
Trigger a data sync for a connected integration (e.g. mono, bamboohr, bybit, cowrywise, piggyvest).
Scope: write:integrations or admin:all
Parameters
List endpoints (GET)
page— Page number (default 1).limit— Items per page, 1–50 (default 20).status— Filter by status. Transactions: pending, categorized, approved, validated, flagged, rejected, filed. Invoices: draft, pending, submitted, approved, rejected, cancelled.
Create transaction (POST /transactions)
date(required) — Transaction date (YYYY-MM-DD).description(required) — Max 1,000 characters.type(required) — One of: income, expense, transfer, journal.amount(required) — Positive number, max 999,999,999,999.currency— NGN (default), USD, GBP, or EUR.category— Max 200 characters.counterparty_name— Max 500 characters.counterparty_tin— Max 50 characters.invoice_number— Max 100 characters.notes— Max 2,000 characters.line_items— Array of objects (max 100). Each can have: description, quantity, unit_price, amount, tax_code, category.
Create invoice (POST /invoices)
invoice_number(required) — Max 100 characters.issue_date(required) — YYYY-MM-DD.total_amount(required) — Non-negative number, max 999,999,999,999.currency— NGN (default), USD, GBP, or EUR.due_date— YYYY-MM-DD.customer_name— Max 500 characters.customer_tin— Max 50 characters.line_items— Array of objects (max 100).notes— Max 2,000 characters.branch_id— UUID of the branch.
Request body
- Send JSON with
Content-Type: application/json. - Maximum body size: 256 KB. Larger requests return 413.
- Body must be a JSON object (not an array or primitive).
- PUT requests use field-level allowlisting — only documented fields are accepted. Unknown fields are ignored.
Responses
All responses include these headers:
X-Request-Id— Unique ID for the request. Include this in support tickets for faster debugging.X-API-Version— Current API version (1.0).X-RateLimit-Limit— Your rate limit per minute.X-RateLimit-Remaining— Requests remaining in current window.
Success (200/201): Body has data (array or object) and for lists meta with page, limit, total, total_pages. Created resources return 201.
Delete (200): Returns { "success": true }.
Rate limiting
Each API key has a per-minute rate limit (default: 1,000 requests/minute, configurable up to 10,000). When exceeded, you'll receive a 429 response with a Retry-After header indicating how many seconds to wait.
Monitor your usage via the X-RateLimit-Limit and X-RateLimit-Remaining headers on every response.
Idempotency
For POST requests (create operations), include an Idempotency-Key header with a unique value (e.g. a UUID). If the same key is sent again within 24 hours, the API returns the original response without creating a duplicate.
curl -X POST "https://api.taxtask.com/v1/transactions" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Idempotency-Key: 550e8400-e29b-41d4-a716-446655440000" \
-H "Content-Type: application/json" \
-d '{"date": "2026-02-14", "description": "Office supplies", "type": "expense", "amount": 15000}'This is recommended for all create operations to safely handle retries on network errors.
Errors
Errors return JSON with error (message), code, and request_id:
{
"error": "Missing required fields: date, description, type, amount",
"code": "validation_error",
"request_id": "550e8400-e29b-41d4-a716-446655440000"
}| Status | Code | Description |
|---|---|---|
| 400 | validation_error | Missing or invalid fields. |
| 400 | invalid_body | Request body is not valid JSON. |
| 401 | invalid_api_key | Missing, expired, or invalid API key. |
| 403 | insufficient_scope | Key does not have the required scope. |
| 404 | not_found | Resource not found or does not belong to your account. |
| 413 | payload_too_large | Request body exceeds 256 KB. |
| 429 | rate_limited | Too many requests. Check Retry-After header. |
| 500 | fetch_error | Server error. Retry later. |
Code examples
Replace YOUR_API_KEY with your key.
Health check (no key)
curl https://api.taxtask.com/v1/healthList transactions
curl "https://api.taxtask.com/v1/transactions?page=1&limit=20" \
-H "Authorization: Bearer YOUR_API_KEY"Create a transaction
curl -X POST "https://api.taxtask.com/v1/transactions" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-H "Idempotency-Key: $(uuidgen)" \
-d '{
"date": "2026-02-14",
"description": "Office rent payment",
"type": "expense",
"amount": 250000,
"currency": "NGN",
"category": "rent",
"counterparty_name": "ABC Properties Ltd"
}'Update a transaction
curl -X PUT "https://api.taxtask.com/v1/transactions/TRANSACTION_ID" \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{"description": "Updated description", "amount": 275000}'Delete a transaction
curl -X DELETE "https://api.taxtask.com/v1/transactions/TRANSACTION_ID" \
-H "Authorization: Bearer YOUR_API_KEY"JavaScript (fetch)
const res = await fetch("https://api.taxtask.com/v1/transactions?page=1&limit=20", {
headers: { Authorization: "Bearer YOUR_API_KEY" },
});
const { data, meta } = await res.json();
console.log(`Page ${meta.page} of ${meta.total_pages}`);Python
import requests
# List transactions
r = requests.get(
"https://api.taxtask.com/v1/transactions",
params={"page": 1, "limit": 20},
headers={"Authorization": "Bearer YOUR_API_KEY"},
)
data = r.json()
# Create a transaction
r = requests.post(
"https://api.taxtask.com/v1/transactions",
json={
"date": "2026-02-14",
"description": "Client payment received",
"type": "income",
"amount": 500000,
},
headers={
"Authorization": "Bearer YOUR_API_KEY",
"Idempotency-Key": "unique-request-id-123",
},
)
print(r.json())Example success response (list)
{
"data": [
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"branch_id": "...",
"type": "expense",
"source": "api",
"status": "pending",
"amount": 250000,
"currency": "NGN",
"description": "Office rent payment",
"transaction_date": "2026-02-14",
"created_at": "2026-02-14T10:00:00Z"
}
],
"meta": {
"page": 1,
"limit": 20,
"total": 1,
"total_pages": 1
}
}OpenAPI spec
Download the full OpenAPI 3.0 spec for code generation, Swagger UI, or Postman import: openapi.yaml. Preview it at editor.swagger.io.