H

Health Check API

REST discovered

Details
URL
https://{env}/healthcheck/v1
Spec
https://apiportal.ato.gov.au/sites/default/files/apidoc_specs/dsg-health-check-v1_10_0_0.yaml
Docs
https://apiportal.ato.gov.au/api-products/health-check-api
Authentication
ATO API Portal consumer key (API key) x-api-key: <credential> + ATO machine-to-machine (M2M) credential with registered client ID Authorization: Bearer <credential> discovered
ATO API Portal consumer key (API key) api_key Get key ↗

Create an API Portal account and team app in the ATO API Portal getting started guide. After creating a team app and subscribing it to APIs, open the team app to retrieve its consumer key (API key). Sandbox keys are available after team app creation; production keys are available after requesting and receiving production access as described in How to use our API portal services.

ATO machine-to-machine (M2M) credential with registered client ID compound Get key ↗

For production, first register a software instance with the OAuth Dynamic Client Registration API to obtain a unique client_id. Then use an ATO-recognized machine credential as described in Client Authentication: directly connected software uses the business client's machine credential, while online service providers use their own. The machine credential is created via the ATO/RAM guidance linked from that page; you then extract the certificate/private key, sign a private key JWT, and exchange it for OAuth access tokens from ATO SSO/IdP. Sandbox testing uses the test credentials documented on the client-authentication page.