Hi,
I am trying to onboard a client on the simulation portal. The CSR was successful and the certificate key was provided
When I am sending the compliance xml with the key I am getting 401 error
“You not authorized to use this api endpoint”
I have received the compliance request id also
I have tried it twice on 30th and 31st but still getting the same error
I can share the screen shot if required
What is the solution for this?
Regards
Vivek Kedia
Hi Vivek,
When completing the CSR request you will receive 3 main outputs:
We believe the issue you are facing is due to not including the certificate and secret on the basic auth. please check the API samples on the sandbox for more examples on the authorization (basic auth).
Thank you
The error message you provided, “You are not authorized to use this API endpoint,” is a common explanation for a “401 Unauthorized” error. It’s a way for the server to inform the client that they need to provide valid credentials before they can access the requested API.
To resolve this issue, Please check:
1- CSR Request : Double-check that you’ve correctly configured the CSR (Certificate Signing Request) based on the environment you intend to use. Make sure the values you’re entering align with the intended environment as this reference
2- API Endpoint: Ensure that you are using the correct APIs for the correct Environment you want to use.
e.g :
If using Simulation Env, use the Simulation portal to get the OTP and Simulation APIs to get the CCSID and PCCSID as this reference and this reference
3 - Authentication Method: Verify that you are using the correct authentication method (Basic Authentication).
4- Check Credentials: Ensure that you are providing the correct authentication credentials ( username = {binarySecurityToken} and password = {secret}) in the request Auth.
5- Valid Credentials: Ensure that you are using the correct credentials for the correct environment for example you should not use the Simulation Certificates on production and vice versa.
If you have verified all of the above and are still encountering the “401 Unauthorized” error, you may need to provide the support team with the APIs collection and config file used to generate the CSR and sample of submitted invoices.
Hi,
After resolution by Zatca the compliance API have passed.in Simulation portal
Now the error is for the CSID
we are calling this Link - https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/production/csids
The error returned is : The requested URL was rejected. Please consult with your administrator
We have got a support id number - how do we contact support for help?
What could be the error?
Regards
Vivek
Please, try to repeat the action outside of your company network to potentially eliminate the probability of being blocked by your company’s firewall (e.g. as the message might be coming from your own network instead of ZATCA).
Secondly, try to perform the task via Postman collection. If the issue still persists, please, share the postman collection with ZATCA via the official channels or your RM for further investigation.