How it works
The user connects (once)
You send the user to TaxRock to log in and consent. TaxRock redirects back to
your app with an authorization code.
Your backend gets tokens
Exchange the code for a long-lived refresh token and a short-lived
access token. Store the refresh token securely, per end-user.
Sandbox vs. production
Everything defaults to the sandbox while you build. Two base URLs change between environments. Theaudience is the same in both.
| Auth domain | API base | Audience | |
|---|---|---|---|
| Sandbox | login-demo.taxrock.com | https://delegate-demo.api.taxrock.com | https://delegate.api.taxrock.com |
| Production | login.taxrock.com | https://delegate.api.taxrock.com | https://delegate.api.taxrock.com |
Your
client_id and client_secret are delivered to you per environment. Send us
your callback URL so we can register it before the connect flow will work.
