Error - certificate-permissions

Hi Team,

We got the below error response when we call the Clearance API.

“{“validationResults”:{“infoMessages”:[{“type”:“INFO”,“code”:“XSD_ZATCA_VALID”,“category”:“XSD validation”,“message”:“Complied with UBL 2.1 standards in line with ZATCA specifications”,“status”:“PASS”}]
,“warningMessages”:,“errorMessages”:[{“type”:“ERROR”,“code”:“certificate-permissions”,“category”:“CERTIFICATE_ERRORS”,
“message”:“User only allowed to use the vat number that exists in the authentication certificate”,“status”:“ERROR”}],
“status”:“ERROR”},“clearanceStatus”:“NOT_CLEARED”,“clearedInvoice”:null}”

Steps:

  1. We created a CSR using SDK with VAT no as: 311111111101113
  2. Subsequently we called these 3 API’s using REST API call:
    Compliance CSID,
    Compliance Invoice API
    Production CSID (onboarding) API
  3. We decoded the response from Production CSID of binarySecurityToken into input XML under tag ds:X509Certificate. Also, the input XML we used the same VAT (311111111101113) what we used for to generate CSR.
  4. Finally, we are getting shared above error when we call Clearance API.

Kindly let us know what we missed here.

Thanks.

1 Like

It appears there may be some confusion regarding the portal you are using. Allow me to clarify:

  1. If you are using the sandbox (developer portal APIs), it’s essential to use the predefined data outlined in the swagger file. Modifications to this data are not permitted.
  2. For Simulation or Production APIs, ensure that the VAT number in the CSR matches the one used on the portal to generate the OTP.
  3. In the case of Clearance APIs, the VAT number for the seller in the XML invoice should be the same VAT number used for the certificate.

If you continue to encounter the same issue despite these validations, please provide the following files to the official support channel, along with your Relationship Manager (RM), for further technical assistance:

  1. CSR and config file
  2. APIs endpoint used
  3. Samples of invoices attempting to submit through the clearance API

This information will help facilitate a more comprehensive investigation and resolution of your issue.

I Get same error with
https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/invoices/clearance/single

‘errorMessages’: [{‘type’: ‘ERROR’, ‘code’: ‘certificate-permissions’, ‘category’: ‘CERTIFICATE_ERRORS’, ‘message’: ‘User only allowed to use the vat number that exists in the authentication certificate’, ‘status’: ‘ERROR’}]