# FAQs Source: https://developer.avalara.com/goods-calculation-en/faqs/ Below are answers to common questions that users face when integrating AvaTax Brazil. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What is our API type?](javascript:void\(0\);) REST API. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)Do we accept files sent via XML or just JSON file model?](javascript:void\(0\);) Only JSON file model is accepted. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What is the difference between the Sandbox and Production environments?](javascript:void\(0\);) The sandbox environment is available so that the partner has an environment where they can carry out tests and simulate operations at project time, and before go-live. Therefore, there are no technical differences between environments, except for the data source. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)Can I use my credentials in both Sandbox and Production?](javascript:void\(0\);) No, the credentials are unique to each environment. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What authentication methods are supported?](javascript:void\(0\);) The authentication method supported is OAuth 2.0 bearer token authentication. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What is the sandbox URL?](javascript:void\(0\);) [https://portal.sandbox.avalarabrasil.com.br/Login](https://portal.sandbox.avalarabrasil.com.br/Login) [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)Who do I contact if my sandbox has expired?](javascript:void\(0\);) If your sandbox has expired, you should contact the Partner Launch Brazil team. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)How can I confirm if the service is up?](javascript:void\(0\);) [https://api-gateway.sandbox.avalarabrasil.com.br/portal/health](https://api-gateway.sandbox.avalarabrasil.com.br/portal/health) [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What can you do if your “Secret Token” was exposed?](javascript:void\(0\);) If your “Secret Token” has been exposed, it is possible to revoke it through the Avalara Portal. 1. Select the token that will be revoked and click revogar to revoke the token. 2. Select confirmar to confirm the operation. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What should I do if I lose my “Secret Token”?](javascript:void\(0\);) If you did not save your “Secret Token” in a safe place and lost it, you must revoke your token and create a new one. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)How can I obtain my “Client ID”?](javascript:void\(0\);) You can access your Client ID in two different ways. - When you create your Secret token, your client ID is shown. - You can also find your client ID in `na assinatura` and `infomações da assinatura`. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What happens if I send the JSON request WITHOUT `disableTokenRefresh`?](javascript:void\(0\);) You will receive a `refresh_token` in the response. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)What happens if I send the JSON request WITH `disableTokenRefresh` set to `true`?](javascript:void\(0\);) You will not receive the `refresh_token` in the response, and it will be necessary to send the credentials again, after the session expires. [![Closed](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Skins/Default/Stylesheets/Images/transparent.gif)How to request the Avalara Brazil calculation engine to exclude PIS and COFINS from the ICMS calculation base?](javascript:void\(0\);) There is the possibility of sending a parameter through the API so that PIS/COFINS is excluded from the ICMS calculation base. This parameter is the: pisCofinsIcmsTaxRelief (path: header.locations.entity.taxesSettings.pisCofinsIcmsTaxRelief). The parameter can be configured via the Avalara Portal screen, as shown in the image below: ![Screenshot of the Avalara Portal with the location of the parameter outlined in blue.](https://avalara-devdocs-prod.mcoutput.com/goods-calculation-en/Resources/Images/DevDot/br-exclui_icms_avataxbr.png) It is important to note, however, that if the parameter is configured on screen, this information will become fixed for the company in question. But if the parameter is sent in the payload, through the API, it can become transactional, that is, sent only for cases where such functionality is desired.