السلام عليكم ورحمة الله
I am trying to Create invoice and faced the 401 error code.
Here are all the steps I followed:
1- I created a configuration file for generating the csr file “rodud.config.properties”
2- I generated the csr file using the command:
“./fatoora -csr -csrConfig rodud.config.properties -generatedCsr rodud.csr -sim”
3- I made a request to the “compliance” endpoint “https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/compliance” and added the generated csr to it.
- The request body:
{
"csr": "LS0tLS1CRUdJTiBDRVJUSUZJQ**********gQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg=="
}
- The response:
{
"requestID": 1234567890123,
"dispositionMessage": "ISSUED",
"binarySecurityToken": "TUlJQ0dqQ0NBY*************sSVV0L04wPQ==",
"secret": "BiY+39FALc1VkGx0cjXFbZfzD8*************65SY=",
"errors": null
}
I generated and signed an invoice using the cli tool:
$ ./fatoora -invoice invoice.xml -validate
********** Welcome to ZATCA E-Invoice Java SDK 3.4.3 *********************
This SDK uses Java to call the SDK (jar) passing it an invoice XML file.
It can take a Standard or Simplified XML, Credit Note, or Debit Note.
It returns if the validation is successful or shows errors where the XML validation fails.
It checks for syntax and content as well.
You can use the command (fatoora -help) for more information.
2025-08-24 16:25:01,001 [INFO] ValidationProcessorImpl - [XSD] validation result : PASSED
2025-08-24 16:25:01,410 [INFO] ValidationProcessorImpl - [EN] validation result : PASSED
2025-08-24 16:25:01,573 [INFO] ValidationProcessorImpl - [KSA] validation result : PASSED
2025-08-24 16:25:01,593 [INFO] ValidationProcessorImpl - [PIH] validation result : PASSED
2025-08-24 16:25:01,593 [INFO] InvoiceValidationService - *** GLOBAL VALIDATION RESULT = PASSED
$ ./fatoora -invoice invoice.xml -sign -signedInvoice rodud_signed_invoice.xml
********** Welcome to ZATCA E-Invoice Java SDK 3.4.3 ***********
…
2025-08-24 16:26:13,945 [INFO] InvoiceSigningService - invoice has been signed successfully
2025-08-24 16:26:13,946 [INFO] InvoiceSigningService - *** INVOICE HASH = ulAYrMYhYiQUEmzIT86KR1g+TZW6DnXA3CUSQ2nOiac=
I generated the Request body for the invoice using the cli tool and sent it to the “/compliance/invoices” endpoint and got the reponse:
{
"validationResults": {
"infoMessages": [
{
"type": "INFO",
"code": "XSD_ZATCA_VALID",
"category": "XSD validation",
"message": "Complied with UBL 2.1 standards in line with ZATCA specifications",
"status": "PASS"
}
],
"warningMessages": [],
"errorMessages": [],
"status": "PASS"
},
"reportingStatus": null,
"clearanceStatus": "CLEARED",
"qrSellertStatus": null,
"qrBuyertStatus": null
}
But when I try to send the invoice to the clearance endpoint “/developer-portal/invoices/clearance/single”, I get the response “401 Unauthorized”, although I used the same credentials that I used in the endpoint “/compliance/invoices”. I got these credentials from the response of “developer-portal/compliance”.
If I try to send a requset to the “/developer-portal/production/csids” endoint with the request body:
{
"compliance_request_id": "1234567890123"
}
I get the response:
400 Bad Request
{
"code": "Invalid-Request",
"message": "Invalid message body, body should contain compliance_request_id field only as json filed"
}
although the request body is valid JSON.
Am I missing any steps or configurations?
Any help would be appreciated, as I am stuck and lost at this point.