API Reference

Avtax ETA API Documentation

The Avtax ETA API is a B2B gateway for integrating with the Egyptian Tax Authority (ETA). It handles the full document lifecycle — from JSON input to a cryptographically signed, ETA-compliant document — so your team can focus on business logic, not tax compliance.

Base URL: All API requests are made to https://eta-api.avtax.net. For interactive exploration, visit the Scalar API Reference.

1

Register as a Partner

Contact us to receive your partner credentials. You'll get an email and password to authenticate and receive a JWT token for all API calls.

2

Register Your Customers

Use the Customer API to register each of your clients with their ETA credentials. We securely validate and cache their ETA access tokens automatically.

3

Submit Documents

Send a simple JSON payload per customer. We validate, serialize, and cryptographically sign it using the customer's registered desktop signing app, then submit it to the ETA.

Authentication

The Avtax ETA API uses two authentication schemes depending on which API group you are calling.

Partner API
JWT Bearer Token
Used for Customer management and dashboard endpoints. Obtain via /api/Auth/login.
Authorization: Bearer <token>
Document API
X-Api-Key Header
Used for Invoice and Receipt submission endpoints. Generated per-customer via the Customer API.
X-Api-Key: <customer-api-key>

Obtaining a JWT Token (Partner API)

HTTP 
POST /api/Auth/login
Content-Type: application/json

{
  "email": "partner@yourcompany.com",
  "password": "your-password"
}
Response 
{
  "success": true,
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expiration": "2026-02-01T00:00:00Z",
  "message": "Login successful"
}

Using the X-Api-Key (Document API)

Each customer has a unique API key generated via POST /api/Customers/{id}/api-keys. Provide it in the X-Api-Key header for all Invoice and Receipt requests.

HTTP Header 
X-Api-Key: a1b2c3d4e5f6...

Quick Start — Submit an Invoice

The following example submits a simple B2B invoice for a registered customer. Use the customer's X-Api-Key (from POST /api/Customers/{id}/api-keys) in the request header.

JSON 
POST /api/Invoices/submit
X-Api-Key: <customer-api-key>
Content-Type: application/json

{
  "invoices": [
    {
      "internalID": "INV-2026-0001",
      "dateTimeIssued": "2026-01-15T10:00:00Z",
      "documentType": "I",
      "taxpayerActivityCode": "4620",
      "receiver": {
        "type": "B",
        "id": "012345678",
        "name": "Client Company LLC"
      },
      "invoiceLines": [
        {
          "description": "Software Development Services",
          "itemType": "EGS",
          "itemCode": "EG-123456789-12345",
          "unitType": "EA",
          "quantity": 1,
          "unitValue": {
            "currencySold": "EGP",
            "amountEGP": 10000
          }
        }
      ]
    }
  ]
}

Automatic calculations: You only need to provide line item prices. Avtax ETA API automatically calculates all totals, VAT (14%), withholding taxes, and other ETA-required fields according to the latest ETA specifications.

Partner Auth

Manage partner account registration and login. All endpoints in this group return a JWT token used to authenticate Partner API calls.

POST /api/Auth/register

Create a new partner account. Returns a JWT token on success.

POST /api/Auth/login

Authenticate with email and password. Returns a JWT Bearer token and its expiration date.

Register — Request Body 
{
  "partnerName": "My Integration Co.",
  "email": "partner@example.com",
  "password": "SecurePassword1!",
  "phoneNumber": "+201000000000"
}

Customer Management

Register and manage customer ERPs under your partner account. All endpoints require a Authorization: Bearer <token> header. Each customer gets an isolated API key used for document submission.

GET /api/Customers

List all customers registered under your partner account, including their active API key and signature client connection status.

GET /api/Customers/{id}

Retrieve a single customer by ID.

POST /api/Customers

Register a new customer ERP with their ETA credentials. The Tax ID is automatically extracted from the ETA token and verified — no need to supply it manually.

PUT /api/Customers/{id}

Update a customer's details or ETA credentials. If new credentials are supplied, they are validated against the ETA and must match the customer's registered Tax ID.

DELETE /api/Customers/{id}

Permanently remove a customer ERP and all associated data from your account.

GET /api/Customers/dashboard

Get a summary of your customer base: total, active, and currently connected signature clients.

API Key Management

Each customer requires an active API key to submit documents. Generating a new key automatically revokes the previous one.

POST /api/Customers/{id}/api-keys

Generate a new API key for the customer, revoking any previously active keys. Returns the updated customer info including the new key.

DELETE /api/Customers/{id}/api-keys

Revoke the customer's active API key without generating a replacement. Returns 400 if no active key exists.

ETA Notification Forwarding

Avtax ETA API acts as a relay between ETA and your customer's ERP system. ETA calls our callback URLs, we receive the notification, transform it into a simple JSON format, and POST it to the URL your customer registered.

How it works
  1. You register the customer and set their ERP Callback URL (the endpoint in their own system).
  2. You register https://eta-api.avtax.net/{customerApiKey} as the callback base URL inside ETA portal for that customer.
  3. ETA calls PUT /{customerApiKey}/notifications/documents or PUT /{customerApiKey}/notifications/receipts on our server.
  4. We validate the key, translate the payload, and POST a simplified notification to the customer's ERP Callback URL.
  5. The customer's ERP returns 200 OK and processes the update.
PUT /{customerApiKey}/notifications/documents

ETA calls this when a document event occurs (validated, received, rejected, cancelled). We forward a simplified POST to the customer's ERP Callback URL.

PUT /{customerApiKey}/notifications/receipts

ETA calls this when a receipt event occurs (validated, received, cancelled). We forward a simplified POST to the customer's ERP Callback URL.

What your customer's ERP receives

Your customer's ERP endpoint receives a POST request with this simplified JSON body. They must return 200 to acknowledge receipt.

Outbound Notification Payload (JSON) 
{
  "source": "ETA",
  "type": "document",
  "deliveryId": "838847HS2",
  "receivedAt": "2026-01-15T10:00:00Z",
  "notifications": [
    {
      "eventType": "document-validated",
      "uuid": "F9D425P6DS7D8IU",
      "internalId": "INV-2026-0001",
      "submissionId": "JU7GH07JNA23N",
      "status": "Valid"
    }
  ]
}
type
"document" or "receipt"
eventType
ETA event (e.g. document-validated, Validated, Cancelled)
status
Valid, Invalid, Cancelled, Rejected
Create Customer — Request Body 
{
  "companyName": "My Client LLC",
  "branchCode": "0",
  "etaClientId": "your-eta-client-id",
  "etaClientSecret": "your-eta-client-secret",
  "isProduction": false
}

Invoice Submission

Submit standard invoices, credit notes, and debit notes to the Egyptian Tax Authority. All document types flow through a single endpoint using the documentType field. All endpoints require an X-Api-Key header.

Signature App required: Invoice signing requires the customer's USB token to be connected via the Signature Desktop App. Download Signature App

POST /api/Invoices/submit

Submit one or more invoices. Supports: I (Invoice), C (Credit Note), D (Debit Note).

PUT /api/Invoices/cancel

Request cancellation of a previously submitted document. Provide the document uuid and a cancellation reason.

PUT /api/Invoices/reject

Reject a document received from a supplier. Provide the document uuid and a rejection reason.

PUT /api/Invoices/decline-rejection

Decline a rejection request received for one of your submitted documents. Provide the document uuid.

GET /api/Invoices/search

Search submitted or received documents using filters: date range, direction, status, type, receiver/issuer ID, internal ID, UUID, and pagination.

GET /api/Invoices/{uuid}/details

Retrieve full validation details and the complete document JSON for a specific invoice.

GET /api/Invoices/{uuid}/pdf

Download the ETA-generated PDF for a specific invoice. Returns a binary PDF file.

GET /api/Invoices/submissions/{uuid}

Retrieve the processing status and individual document results for a specific batch submission UUID.

Document Types

Type "I"
Standard Invoice
B2B sales invoice
Type "C"
Credit Note
Requires original UUID
Type "D"
Debit Note
Requires original UUID

Receipt Submission

Submit B2C receipts and return receipts. Receipts use device-based chain linking — each device maintains its own sequential chain automatically tracked by the API. All endpoints require an X-Api-Key header.

POST /api/Receipts/submit

Submit one or more receipts. Supports: s (Sale), r (Return). Device chain linking is handled automatically.

GET /api/Receipts/search

Search submitted receipts using filters: issue date range, received date range, POS serial number, receipt number, UUID, and pagination.

GET /api/Receipts/{uuid}/details

Retrieve full validation details and the complete receipt JSON for a specific receipt UUID.

GET /api/Receipts/{uuid}/raw

Retrieve the raw processing details of a specific receipt as returned directly by the ETA.

GET /api/Receipts/submissions/{uuid}

Retrieve full processing details and individual receipt statuses for a specific batch submission UUID.

Auto device chain linking: The ETA requires each receipt to reference the UUID of the previous receipt from the same POS device. The API tracks this automatically per Seller.DeviceSerialNumber. Simply omit Header.PreviousUUID (or set it to "") and the server fills it from the last accepted receipt for that device. For the very first receipt from a new device, an empty string is submitted as required by ETA.

ETA Notifications

Avtax ETA API acts as a relay for ETA event notifications. We receive raw ETA callbacks on behalf of your customers, transform them into a clean JSON format, and forward them directly to each customer's registered ERP endpoint — so your customers never need to expose an ETA-compatible server themselves.

Setup — 3 Steps

1

Register the customer's ERP Callback URL

When creating or editing a customer, provide the URL of their ERP endpoint (e.g. https://customer-erp.com/eta-notifications). We will POST simplified notifications to this address.

2

Register our callback base URL at the ETA portal

In the ETA taxpayer portal, set the callback base URL to:
https://eta-api.avtax.net/{customerApiKey}
Replace {customerApiKey} with the customer's active API key (visible on the Customers page). ETA will automatically append /notifications/documents and /notifications/receipts.

3

Implement the endpoint in the customer's ERP

The customer's ERP must expose a POST endpoint at the registered URL. It should accept the simplified payload below and return 200 OK. No special headers or authentication are required — the URL itself acts as the shared secret.

Outbound Notification Payload

This is what the customer's ERP endpoint receives for both document and receipt events. The type field distinguishes between the two.

Document Event 
POST https://customer-erp.com/eta-notifications
Content-Type: application/json

{
  "source": "ETA",
  "type": "document",
  "deliveryId": "838847HS2",
  "receivedAt": "2026-01-15T10:00:00Z",
  "notifications": [
    {
      "eventType": "document-validated",
      "uuid": "F9D425P6DS7D8IU",
      "internalId": "INV-2026-0001",
      "submissionId": "JU7GH07JNA23N",
      "status": "Valid"
    }
  ]
}
Receipt Event 
POST https://customer-erp.com/eta-notifications
Content-Type: application/json

{
  "source": "ETA",
  "type": "receipt",
  "deliveryId": "929157AB1",
  "receivedAt": "2026-01-15T11:30:00Z",
  "notifications": [
    {
      "eventType": "Validated",
      "uuid": "9d74ecc5a844354864c762c0d413ee42336561f5",
      "internalId": "REC-2026-0042",
      "submissionId": "BC6J9M86WWVP567DEYGFTD8G10",
      "status": "Invalid"
    }
  ]
}

Field Reference

Field Type Description
source String Always "ETA"
type String "document" or "receipt"
deliveryId String Unique batch ID from ETA, useful for deduplication
receivedAt DateTime UTC timestamp when we received the batch from ETA
notifications Array List of notification items in this batch
eventType String ETA event: document-validated, document-received, document-rejected, document-cancelled, Validated, Received, Cancelled
uuid String Unique document or receipt UUID assigned by ETA
internalId String Your internal document ID as submitted
submissionId String The batch submission UUID
status String Valid, Invalid, Cancelled, or Rejected

Reliability: If the customer's ERP returns a non-200 response or is unreachable, we log the failure but still return 200 to ETA to prevent unnecessary retries. Ensure your ERP endpoint is always available and responds within 15 seconds.

Error Codes

All errors return a consistent JSON structure with success, message, errorCode, and an errors array.

HTTP Status Codes

Status Meaning Common Cause
400 Bad Request Invalid request body, missing fields, or business rule violation
401 Unauthorized Missing or expired JWT / X-Api-Key, or invalid API key
403 Forbidden Partner account inactive or customer limit exceeded
404 Not Found Customer or document not found under your account
422 Unprocessable ETA validation failed — check ETA credentials or document data
500 Server Error Unexpected error — contact support with your request ID

Internal Error Codes (errorCode field)

Code Description
CUSTOMER_INACTIVE The customer account is deactivated. Re-activate via PUT /api/Customers/{id}.
MISSING_CONFIGURATION The customer has no ETA credentials configured. Update via PUT /api/Customers/{id}.
INVALID_API_KEY The X-Api-Key header is missing, revoked, or does not exist.
ETA_AUTH_FAILED ETA credential validation failed. Check clientId and clientSecret.
CUSTOMER_LIMIT_REACHED Partner has reached the maximum number of allowed customers.

Ready to explore interactively?

Use the Scalar API explorer to test every endpoint with live requests.

Open API Explorer