Authentication
Every request requires an X-API-Key header with your API key.
Authorization: Bearer <key> is also accepted for compatibility with
existing HTTP-client conventions; either header works on every
endpoint.
curl -H "X-API-Key: your-key-here" \ "https://api.taxql.com/v1/tax/tx?zip=75068"from taxql import TaxQLclient = TaxQL(api_key="your-key-here")The Python SDK sets the header for you when you pass api_key= to
the constructor.
Getting a key
Section titled “Getting a key”Sign up at taxql.com/signup for a free 14-day trial with 1,000 lookups. No credit card required. Your API key is shown immediately and accessible from the dashboard at any time at app.taxql.com.
Key management
Section titled “Key management”- Rotate at app.taxql.com/keys. New keys are issued instantly; old keys remain valid until you explicitly revoke them so you can roll forward without downtime.
- Storage. Treat your key like a password. Load it from an environment variable or secret manager in production; never commit to source control. The SDK reads from whatever you pass — it has no default key lookup.
- Per-environment keys. Use distinct keys for production vs staging/CI so you can revoke one without affecting the other.
- Tier ceiling. Your key’s tier determines the lookup quota and
whether premium geocoding is enabled by default. The response
includes a
billingblock with the resolved tier so you can verify in code.
When the key is wrong
Section titled “When the key is wrong”The API returns 401 with {"detail": "Invalid X-API-Key."} when
the key is missing or doesn’t match an account. The Python SDK maps
this to AuthError — catch it and
prompt the user to re-enter their key rather than retrying blindly.
- Quickstart — first lookup in 60s
- API Reference — every endpoint
- Trial → Production — when to upgrade