OAuth Dynamic Client Registration API
- URL
-
https://auth.ato.gov.au - Docs
- https://apiportal.ato.gov.au/api-products/oauth-dynamic-client-registration-api
Create an API Portal account and team app in the ATO API Portal getting started guide. After creating a team app and subscribing it to APIs, open the team app to retrieve its consumer key (API key). Sandbox keys are available after team app creation; production keys are available after requesting and receiving production access as described in How to use our API portal services.
For production, first register a software instance with the OAuth Dynamic Client Registration API to obtain a unique client_id. Then use an ATO-recognized machine credential as described in Client Authentication: directly connected software uses the business client's machine credential, while online service providers use their own. The machine credential is created via the ATO/RAM guidance linked from that page; you then extract the certificate/private key, sign a private key JWT, and exchange it for OAuth access tokens from ATO SSO/IdP. Sandbox testing uses the test credentials documented on the client-authentication page.