I’m currently integrating with the ZATCA API. I successfully created CSID and PCSID, and the integration was working properly. However, now I am receiving “Unauthorized” errors when trying to send requests.
Could you clarify whether this error is coming from ZATCA or from my side? Any guidance or troubleshooting tips would be greatly appreciated.
Thank you in advance for your help.
@islamalghoul are you validating each invoice using Compliance Check API before submitting them to Production APIs? If yes, then please note that Compliance Check API is intended only for completing onboarding process and should not be used to validate every single invoice before submitting it on Production. Once the Production CSID is onboarded successfully, ZATCA will revoke Compliance CSID and you should not use that Compliance CSID further.
@Ankit.K.Tiwari Yes, I am using the simulation mode, and it was working 100% before. After generating the CSID, I completed the onboarding process to generate the PCSID, and that was successful as well.
I am not using the Compliance Check API before reporting invoices — I only used it during the onboarding process to generate the PCSID.
Would you like me to share the token that is being sent when I try to report an invoice?
Hi Ankit, We have been clearing each and every invoice in the same manner after calling Compliance API every time before calling Clearance API and we haven’t encountered this kind of error before. However, we’ve been receiving this error only after Aug 25th 2025.Could you please confirm if ZATCA has made any changes after this date?
@Jenifer yes it is a recent change from ZATCA’s side to prevent use of Compliance Check API beyond its intended purpose. Compliance Check API is to be used only for testing sample XMLs during onboarding process. Once the Production CSID is onboarded successfully, ZATCA will revoke Compliance CSID and you should not use that Compliance check API for testing each invoice before sharing to Clearance API or Reporting API.
@Ankit.K.Tiwari thanks for update . So now we need to check reporting and clearance of invoices on reporting/single and clearance/single with Production CSID and Production secret?
@mr_iffi no you should not use Production APIs for testing purposes.
islamalghoul
did this issue get solved on your side? Since you mentioned completing the onboarding and generating the PCSID successfully, I just want to confirm if everything is working fine now.
@Ankit.K.Tiwari No i am not asking for testing, I am asking for production. In production mode our system work fine before 23 augest on compliance/invoice api, now its return empty response against this api with 401 code since 23 augest. So now we need to change this request to reporting/single and compliance/single with PCSID?
@mr_iffi yes correct, you have to send the invoices directly using Clearance API or Reporting API using PCSID.
@Ankit.K.Tiwari Thanks for your guide my issue is resolved. But now we need to compile our customer invoices which is b2c, the issue is these invoice datetime is more than 24 hours in past what should i do in that situation. Can I change these invoices datetime and compile all invoices in a single day? maybe these invoices nearly equal 200 or more.
@mr_iffi No you should not change the invoice issue date and time. Send the XMLs with original content, you will receive warning for exceeding 24 hours, but you do have a reasonable explanation for exceeding 24 hours.
@Ankit.K.Tiwari Thank you so much for your attention.