VATify.eu APIGet started
Introduction
VATify.eu API is a modern REST-like application programming interface that uses standard JSON format to exchange messages over TLS-encrypted HTTPS protocol. Client-side software implementation should feel reasonably straight-forward to most web developers and people familiar with REST.
The API currently supports live/real-time acquisition of basic company information, with data being sourced at various official authorities and other providers (see data sources). Unless data for a specific company were cached recently, VATify.eu systems will contact the authoritative sources in real time to access the required information, process it, and make the result available to the API caller. Depending on the sources used, this may take up to a minute or two (but takes only a few seconds for most countries in most circumstances, see the average response times).
Such delays must be taken into consideration when designing client software, especially user interfaces. However, the API makes integration easier by splitting the procedure into multiple calls – one to start the query, and others to check its status and/or get the results.
VATify.eu API basics
Currently, version 1 of the API is the one you can use. It is available
under the following root URL:
https://api.vatify.eu/v1
Client software communicates with the VATify.eu API by performing API calls. These are just standard HTTP requests to special URL addresses known as the API endpoints. Depending on the target endpoint, an API call must use the correct verb (i.e., HTTP method, usually GET or POST), provide the appropriate HTTP header fields and (if required) carry a JSON payload as the request body. Such basic web-client functionality is well supported in popular programming languages and development environments.
The „Accept“ and „Content-Type“ header fields are not strictly required in your HTTP requests. If missing, the payload will be sent/interpreted by the API as a UTF-8 encoded JSON document.
To make JSON response payloads easier to read by humans (using indentation
and newlines), append the format=human query parameter to the
endpoint URL. For example:https://api.vatify.eu/v1/query/results/EsmNAdZnCwbshE4phe18?format=human
The „demo“ API
For regular operation, API clients must possess valid credentials and be able to obtain access tokens. A special demo API is available that doesn't have these requirements. It can be used without authorization, and even directly with a web browser (HTTP GET requests are allowed where POST is normally required).
URL addresses for demo endpoints can be found by inserting the
demo/ path component immediately after the v1/ version
component. For example:
instead of the standard endpoint:https://api.vatify.eu/v1/query ,
you can use this demo endpoint:https://api.vatify.eu/v1/demo/query .
The demo API is limited to a predefined list of companies (available here). Any other company is considered non-existing. In most cases, the demo API also returns old/stale data that has been cached many days ago.
Get client credentials
Note: if using the demo API only, you may skip this step (see The „demo“ API above).
- Create an API account and sign in to this account.
- Select the „Client credentials“ tab (usually already selected) and click on the „Add new client“ button. A new row will appear at the bottom of the table.
- Type in a custom name for your client as you see fit. For example, a name could be a reference to a user, a customer or a software application.
- You can now find the new client's ID (a.k.a. the username) under the „Client ID“ column.
- To get the access key (a.k.a. the password), click on the „Show access key“ button.
Note that the access key will be shown only once and we can never show you the same key again (we only store a one-way encrypted version). The key can be changed at any time, however.
Get a bearer token
(example code:
Javascript,
PHP,
Python)
Note: if using the demo API only, you may skip this step (see The „demo“ API above).
VATify.eu API uses OAuth 2.0 „Client Credentials Flow“ for authentication and authorization. To make API calls, your integration must first obtain a bearer token. The bearer token is a secret string that authorizes you to use the API for a limited amount of time (usually 4 hours).
To exchange your (long-term) client ID and access key for this (time-limited)
bearer token, you must make an HTTP POST request to the API
authentication endpoint:https://api.vatify.eu/v1/oauth2/token
The variable grant_type with a value of client_credentials
should be sent in this request's body (payload). The request must also include an „Authorization“ header providing your
client ID and access key as per the HTTP basic authentication specification. This is one of the most common ways to authenticate via HTTP and should be
well supported by web-client libraries in popular programming languages.
Here is an example of how to get a bearer token using cURL:
curl -v POST https://api.vatify.eu/v1/oauth2/token \ -u '<CLIENT-ID>:<ACCESS-KEY>' \ -H 'Content-Type: application/json' \ -d '{ "grant_type": "client_credentials" }'
The result should be a „200 OK“ response with a JSON document as its body (payload).
Below is a response payload sample. The access_token string is
the newly generated bearer token, and expires_in is the number of
seconds before the token expires.
{ "scope": "vatifyeu_query", "access_token": "QXsVKAUwu3am1ekiNlUni7QPIxqSZ6qhRbay", "token_type": "Bearer", "created_at": "2022-03-02T11:44:30Z", "expires_at": "2022-03-02T15:44:29Z", "expires_in": 14399 }
Note that refresh/renewal tokens are not in use by the VATify.eu API. A new bearer token can be obtained by simply repeating the same API call again.
Start a VATify.eu query
(example code:
Javascript,
PHP,
Python)
After a bearer token has been successfully obtained, it can be used to make REST API calls.
Note: the demo API can be used without a bearer token, but only for testing (see The „demo“ API above).
One of the basic API calls is to run a VATify.eu real-time query. The caller provides a company ID and the country where this company is registered, and VATify.eu systems will retrieve basic information about the company from upstream official sources. Depending on the sources used, this may take up to a few minute or two (but takes only a few seconds in most circumstances).
To run a VATify.eu real-time query, you should send a POST request to
the REST API's query endpoint:https://api.vatify.eu/v1/query
The request payload must be a JSON document containing the variables
country (providing the country name or ISO-3166 country code) and
identifier (providing the company identifier). The identifier is
usually a VAT-ID or a registration number, but this depends on the country
(see data sources for more information).
Here is a cURL example for running a query:
curl -v POST https://api.vatify.eu/v1/query \ -H 'Authorization: Bearer <BEARER-TOKEN>' \ -H 'Content-Type: application/json' \ -d '{ "country": "<COUNTRY-NAME>", "identifier": "<COMPANY-IDENTIFIER>" }'
Alternatively (but not recommended), the same API call can be made via the
(incorrect) HTTP
GET method, providing input variables as query parameters
within the URL. Using the demo API, not even a valid bearer token is
required, and testing with only a web browser is possible. For example:
https://api.vatify.eu/v1/demo/query?country=Switzerland&identifier=CHE-109.409.488
Note: due to caching, demo queries usually take less time than regular
queries. The demo API thus recognizes a special query parameter delay which can be used to specify the minimum time (in seconds) that
must pass before the results become available. You can use this to simulate a
long-running query. For example:https://api.vatify.eu/v1/demo/query?country=Switzerland&identifier=CHE-109.409.488&delay=5
The result of your request will be a „202 Accepted“ response with a
JSON payload reporting the query status as „IN_PROGRESS“ and result
readiness as false. A sample is available below:
{ "query": { "status": "IN_PROGRESS", "id": "mnb6W4JJdsy3HgwLnAUc", "subject": { "identifier": "CHE109409488", "country_code": "CHE", "country_name": "Switzerland" }, "expires_at": "2022-03-04T13:08:57Z", "expires_in": 3600, "links": [ { "href": "https://test.api.vatify.eu/v1/query/results/mnb6W4JJdsy3HgwLnAUc", "method": "GET", "rel": "poll" } ] }, "result": { "ready": false, "links": [ { "href": "https://test.api.vatify.eu/v1/query/results/mnb6W4JJdsy3HgwLnAUc", "method": "GET", "rel": "self" } ] } }
The „Location“ header field of this HTTP response points to the URL of
the API endpoint that should be polled while waiting for query results. The
same URL is available under the links key in JSON dictionaries
query and result (see the above example).
Get VATify.eu query results
(example code:
Javascript,
PHP,
Python)
The HTTP response received when starting the VATify.eu query includes the URL of the endpoint that should be polled while waiting for results (see above). To check the status of the query and (when finished) retrieve the results, you should send a GET request to this URL. This should be done repeatedly, until the result is available.
For example (using cURL):
curl -v GET https://api.vatify.eu/v1/query/results/<QUERY-ID> \ -H 'Authorization: Bearer <BEARER-TOKEN>'
While the query is still in progress, the response will be similar to the one
received when starting the query, with HTTP status being „202 Accepted“,
query status „IN_PROGRESS“ and result readiness false (see the
example above).
But when query results become available, you should receive a „200 OK“
response. Query status will be marked as „FINISHED“ and result will be
ready (true). The requested company information will be included
under the result's items array:
{ "query": { "status": "FINISHED", "id": "rYoHE5i5DVdiUVp8fuyZ", "subject": { "identifier": "CHE109409488", "country_code": "CHE", "country_name": "Switzerland" }, "expires_at": "2022-03-04T17:10:14Z", "expires_in": 3591, "links": [ { "href": "https://test.api.vatify.eu/v1/query/results/rYoHE5i5DVdiUVp8fuyZ", "method": "GET", "rel": "poll" } ] }, "result": { "ready": true, "items": [ { "data": { "identifier": "109409488", "status": "OK", "vat_status": "VALID", "title": "STUDIO MODERNA SA", "address": "Via Industrie 25", "city": "Giubiasco", "community": "Bellinzona", "region": "TI", "country": "Switzerland", "postal_code": "6512", "community_code": "5002", "country_code": "CHE", "registration_number": "CH51430258162", "vat_registration_date": "2003-04-01", "tax_id_number": "CHE-109.409.488", "sector": "62.010", "_hr_registry_status": true, "_uid_registry_status": true, "_uid_registry_extension": "MWST" }, "retrieval_date": "2022-03-03", "retrieved_at": "2022-03-03T22:00:32Z", "vatify_consultation_id": "POwVa5-c0yWPY-Is1jE2-V5wNiR-6F9uTj-YeNa8R" } ], "links": [ { "href": "https://test.api.vatify.eu/v1/query/results/rYoHE5i5DVdiUVp8fuyZ", "method": "GET", "rel": "self" } ] } }
Please note:
Only the
identifier,statusandvat_statusfields are guaranteed to be available for every company. The presence and scope of the rest of the dataset depends on the information VATify.eu systems are able to retrieve from upstream providers in each country (see data sources). In most cases, however, at least the company name and address will also be available.In some circumstances, the
itemsarray may contain more than one company. For example, the Bosnia and Herzegovina's unified company register is comprised of 3 separate/independent registers, and multiple companies may be found even if searching with a single identifier.