Skip to main content
GET
/
tax
/
certificates
/
{certificate_id}
Get Certificate
curl --request GET \
  --url https://api.numeralhq.com/tax/certificates/{certificate_id} \
  --header 'Authorization: Bearer <token>' \
  --header 'X-API-Version: <x-api-version>'
{
  "id": "cert_a8f3d2c1-1b9a-4c5e-8d7e-6f4a3b2c1d0e",
  "object": "tax.exemption_certificate",
  "certificate_type": {
    "id": "12",
    "name": "California Resale Certificate (CDTFA-230)",
    "certificate_identifier": "US-CA-CDTFA-230"
  },
  "customer": {
    "id": "cust_6126acaf-7379-411a-8ada-00005bac0715",
    "reference_customer_id": "20506"
  },
  "jurisdictions": [
    {
      "jurisdiction_id": "US-CA",
      "effective_date": "2023-12-25",
      "expiration_date": "2023-12-25"
    }
  ],
  "effective_date": "2023-12-25",
  "expiration_date": "2023-12-25",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "livemode": true,
  "download_url": "<string>"
}

Get Certificate (2026-03-01)

Retrieve a single exemption certificate by id, including a short-lived download_url for the original document.
Remember to include the X-API-Version: 2026-03-01 header. Certificate endpoints are live-only — using a sk_test_* key returns TESTMODE_NOT_SUPPORTED. Certificates outside your account return CERTIFICATE_NOT_FOUND (404).

The download_url field

download_url is a pre-signed URL pointing to the original certificate document. It expires one hour after the response is issued — re-fetch the certificate to mint a fresh URL. download_url is null (not omitted) when no document is attached to the certificate yet — typical for processing certificates that haven’t finished ingestion. The certificate itself still exists; the response is 200, not 404. Poll the certificate until a download_url appears, or wait for the certificate.processing_completed webhook (coming in a future release).
Treat download_url as confidential. Anyone with the URL can download the certificate document until the URL expires. Do not log, cache past the TTL, or expose the URL on a public page.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

X-API-Version
enum<string>
required
Available options:
2026-03-01

Path Parameters

certificate_id
string
required

Response

Certificate detail (includes pre-signed download_url)

A single exemption certificate.

id
string
required
Example:

"cert_a8f3d2c1-1b9a-4c5e-8d7e-6f4a3b2c1d0e"

object
string
required

The type of object: tax.exemption_certificate

Example:

"tax.exemption_certificate"

status
enum<string>
required

Public lifecycle state of an exemption certificate. expiring and expired are distinct from invalid so a renewable lapse is distinguishable from a revoked or rejected certificate.

Available options:
processing,
needs_info,
active,
expiring,
expired,
invalid
certificate_type
object
required

The type of an exemption certificate.

customer
object
required

The customer this object is linked to. id is the Numeral cust_* id; reference_customer_id is the value you supplied when the customer was created (may be null).

jurisdictions
object[]
required
effective_date
string<date> | null
required
expiration_date
string<date> | null
required
created_at
string<date-time>
required
updated_at
string<date-time>
required
livemode
enum<boolean>
required
Available options:
true
download_url
string<uri> | null
required

Pre-signed URL to download the original certificate document. Expires one hour after issuance — refetch the certificate to mint a new URL. null (response still 200) when no document is attached yet. Treat as confidential.