Error During Device Onboarding – Missing Compliance Steps

XML and business rules
1

Dear ZATCA Team,

We are currently in the process of testing our e-invoicing solution to ensure successful integration with ZATCA (Phase 2).

During this process, we have encountered an issue while attempting to onboard a new device in the production environment. The error we are receiving is as follows:

jsonResponse from production:

{“code”:“Missing-ComplianceSteps”,“message”:“The compliance certificate is not done with the following compliance steps yet [standard-compliant,standard-credit-note-compliant,standard-debit-note-compliant,simplified-compliant,simplified-credit-note-compliant,simplified-debit-note-compliant]”}

The steps we are following are:

  1. Generate CSR using Cli commands of Zatca sandbox

  2. ⁠call compliance CSID API using generated CSR

  3. ⁠call production onboarding API with using the credentials of compliance CSID API

Please note that we are using the production URLs for this test — not the simulation or developer portals.

We would appreciate your assistance in understanding the cause of this error and the proper steps to resolve it.

2

Dear @sBayo

Thanks for reaching out, Welcome to our community.

Please note that after receiving the CCSID from the compliance API you need to proceed to complete all the compliance checks using the /compliance/invoices API with sending some samples for security checks to ensure successfully integration and generating your PCSID, based on your config file please find the below scenario:

If you are using in your config file the invoiceType as:
1- 1000: This means that the facility is issuing only standard B2B invoices, In this case you need to share 3 standard samples (Standard, Standard Credit, and Standard Debit) to the /compliance/invoices to complete all the compliance checks successfully.

2- 0100: This means that the facility is issuing only Simplified B2C invoices, In this case you need to share 3 Simplified samples (Simplified, Simplified Credit, and Simplified Debit) to the /compliance/invoices to complete all the compliance checks successfully.

3- 1100: This means that the facility is issuing both standard B2B and simplified B2C invoices, In this case you need to share 6 standard & Simplified samples (Standard, Standard Credit, Standard Debit, Simplified, Simplified Credit, and Simplified Debit) to the /compliance/invoices to complete all the compliance checks successfully.

Regarding the samples you can install our SDK via this link Zatca and following the below path after installing SDK refer to
“zatca-einvoicing-sdk-Java-238-R3.4.1\Data\Samples” you will find both samples for standard and simplified.

Additionally, please find the attached “APIs_sim.png” showing the onboarding APIs that you need to follow in order the second API is for compliance checks which you need to follow the above steps to be able to successfully receiving your PCSID

APIs_sim
APIs_sim1607×623 62.2 KB

Note: The attached screenshot is for simulation environment, our recommendation is to start in simulation before proceeding to production environment.

I hope it’s clear enough now.

If you have any further concerns do not hesitate to reach out via below mail.

SP mail: sp_support@zatca.gov.sa

Thanks,
Ibrahem Daoud.

3

Dear @idaoud

Thank you for your help and guidance.

We followed you steps and successfully onboarded multiple devices on production.

Now we are trying to onboard a device with Zatca in simulation environment but we got error as below:

“The provided Certificate Signing Request (CSR) is invalid.”

Because of that we tried to onboard a device on production environment and it got successfully onboarded. But when trying to send invoices through that onboarded pos unit we get 401. Our company still not included in Zatca phase two. Is it the reason for getting response as unauthorized ?

And can you please guide us with onboarding the device in simulation environment with mitigating above error of getting invalid CSR.

FYI: we use Fatoora sandbox and generate CSR using cli.

Thank you again for your support.

Sultan

4

Morning @sBayo

Thanks for reaching out, I hope you are doing well.

Can I kindly ask you to share the detailed steps you followed from generating CSR along with each end point you are using, with also share the config file that you are generating your CSR from. to the below mail to schedule one to one meeting with our technical team If needed.

SP mail: sp_support@zatca.gov.sa

Thanks,
Ibrahem Daoud.

5

Dear Ibrahem Daoud.

We have emailed you with requested details.
We wish to have to have one to one call to solve the issue.

Regards