Skip to main content
The TaxMaxi Auth API gives you everything you need to create accounts, log in, and manage sessions. All authenticated endpoints accept a bearer token you obtain at login — pass it as Authorization: Bearer <token> on every request that requires authentication. Two login paths are available: the local provider (email and password) and OAuth providers such as Coinbase. You can link multiple providers to a single account and unlink them any time, as long as at least one remains.

Base URL

https://api.taxmaxi.com
All auth endpoints are under the /auth prefix.

Authentication model

After a successful login or OAuth callback, the API returns a session token. Include this token in the Authorization header of every protected request:
Authorization: Bearer <token>
Tokens expire at the time indicated by expiresAt. Use POST /auth/refresh to extend your session before it expires. To invalidate a token immediately, call POST /auth/logout.

Endpoint reference

MethodPathAuth requiredDescription
GET/auth/providersNoList all enabled authentication providers
POST/auth/registerNoCreate a new local account
POST/auth/verify-emailNoSubmit an email verification code
POST/auth/resend-verificationNoResend the verification code email
POST/auth/loginNoLog in with email/password or OAuth code
GET/auth/authorize/:providerNoGet the OAuth authorization URL
GET/auth/callback/:providerNoHandle the OAuth provider callback
GET/auth/oauth/:idNoPoll an OAuth session for completion
GET/auth/meYesGet the current user and linked identities
PUT/auth/meYesUpdate your display name
POST/auth/refreshYesGet a new session token
POST/auth/logoutYesInvalidate the current session
POST/auth/change-passwordYesChange your password (local accounts only)
POST/auth/link/:providerYesInitiate linking an additional provider
DELETE/auth/identities/:identityIdYesUnlink a provider identity

Pages in this section

Register

Create a local account and complete email verification.

Login

Authenticate with email/password or an OAuth authorization code.

OAuth

Run the full OAuth flow to log in or link a Coinbase account.

Session

Manage your session: refresh tokens, update your profile, and log out.