Hello I just generated my CSR using fatooracli
All I need now is an OTP.
I have a few questions regarding that
Is it one OTP or do I have to generate it every time I send a request?
Do I need to run all the API’s mentioned in the sandbox (i.e. run CCSID then PCSID)
or do I run them once and then for every invoice I just report then clear it?
I’m having trouble understanding this, any help would be appreciated.
To be clear, I want to know the next steps in order to integrate the API’s. I saw the API’s in the sandbox but It’s unclear in what order I should call these API’s. if you can clarify that it would be great.
I also don’t understand the difference between CSID and PCSID. Do I need both on production or is one of them only for testing
Thank you for reaching out, and welcome to our community.
Our recommendation is:
Access Fatoora portal and log in using your tin number.
Use Simulation Enviromint before production, from simulation portal start using the APIs as their order.
Generate the OTP from simulation portal.
Use the CSR in the body of the request using the below endpoint to send the request for generating the CCSID (Use the OTP in the Headers of the request):
For the simulation environment use this API URL: https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance
The response will include the BinarySecurityToken and Secret, you will use those as Authentication in the compliance checks. Moreover, the response will include request_ID which will be used in the body for generating PCSID API in a later step.
You need to start the compliance check, In order to complete the compliance check you need to prepare your invoices. Please note that this is based on the invoice type in your configuration file if it’s 0100 that’s mean you will only send a simplified invoice, if it’s 1000 only for standard invoices and if it is 1100 you will send both standard and simplified.
For standard invoices:
1.use fatooranet generatehash -invoice “invoicebath” command to generate the hash
2.generate the JSON file for the invoice using fatooranet invoiceRequest -invoice “invoicebath” command
For simplified invoices:
1.make sure to change the SDK\Data\Certificates\cert.pem with the decoded CCSID
2.sign the invoice using fatooranet sign -invoice “invoicebath” command
3.generate the JSON file for the signed invoice using fatooranet invoiceRequest -invoice “invoicebath” command
For standard invoice https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/invoices/clearance/single and in the Auth make sure to use the BinarySecurityToken and secret as password from step 12, in the body you will send the UUID and the Invoice Hash and the Encoded invoice body (JSON file) that we generated using the command fatooranet invoiceRequest -invoice invoicename.xml
For simplified invoice https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/invoices/reporting/single In the Auth make sure to use the BinarySecurityToken and secret as password from step 12, in the body you will send the UUID and the Invoice Hash and the Encoded signed invoice body (JSON file) that we generated using the command fatooranet invoiceRequest -invoice singedinvoicename.xml
If you have any concerns regarding the onboarding process, please don’t hesitate to reach out with our support team via email:
but I am writing a web app, I don’t have access to these command line tools. How do I solve this? Is there a package for npm that I can use? Or can you guide me how to reproduce what these tools do?
Please note that you need to review the Educational Library sheard on ZATCA site to ensure full understanding for integration with ZATCA, Educational library (zatca.gov.sa) technical guideline.
Our recommendation is to use the SDK first in simulation env to ensure a clear understanding of the onboarding process, to be able to implement your tool.
After reviewing the Educational Library, If you faced any challenges do not hesitate to reach out to our support team via below email.