Is there any other way I can obtain the OTP for the simulation platform? When I click “Onboard New Solution Unit/Device” and try to test it using the following link:
https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance
The result I receive is:
{ “errors”: [
{ “code”: “Invalid-OTP”,
“message”: “The provided OTP is invalid” }
] }
This happens when I attempt to use the OTP. Could you please advise on how to resolve this issue or suggest an alternative method for obtaining the OTP?
Did you try Fatoora_Portal_User_Manual_English?
Page 17 to 20
@eCloud
I have a question regarding the process of signing XML documents during onboarding versus signing invoices for reporting or clearance after onboarding.
Is there any difference in the method of signing XML to obtain the PCSID using the CCSID during onboarding, compared to signing invoices for reporting or clearance after onboarding using the PCSID?
I’m asking because the code works correctly for signing and submitting invoices using the PCSID, but the same code does not work for signing invoices with the CCSID during onboarding.
From my experience,
For Compliance Check, Use Certificate from Compliance CSID and for Reporting/Clearance, we must use Certificate from Procuction CSID.
You may need to double check the certificate you are using. You must also ensure that you use the ID and secret from Compliance CSID to perform the Compliance Check.
Logically, it is impossible for us to get PCSID, if Compliance Check is not Passed.
Except for Standard Invoices which do not require signing the Invoice.
@eCloud
I manually generate the private key and CSR using OpenSSL in the terminal, then retrieve an OTP from the Fatoora portal. After that, I use Postman to obtain the CCSID. Using the ZATCA SDK and CCSID, Private key I sign the sample invoices through SDK commands and submit each type of invoice to complete the compliance checks, eventually receiving the PCSID. For the next steps, I’ve already coded the process to sign invoices and submit them to the reporting or clearance API using the PCSID, and that part is working correctly.
Now, I need to automate the first part in my code. I tried using the same functions to sign the sample invoices with the CCSID in my code, but encountered some errors. Could someone help me resolve this issue or guide me on how to properly sign invoices using the CCSID in code?
You should share the code snippet you used and what errors you encountered, so that others can try to help you.
Dear @Madleen,
Please ensure the following:
1- obtain an OTP from Fatoora simulation not production, you can change the environment by pressing the icon on the top right of the page
2- In your CSR config file, make sure that the VAT number in the organization identifier field is identical to the VAT number in the Fatoora portal that you obtained the OTP from, if it differs, then you need to correct the config file & re-generate the CSR.
Note: if you are using OpenSSL, then the field will be UID.
3- the OTP is valid only for one-time transaction, so if you have called the API regardless of whether it’s a successful call or not, you need to obtain a new one for every call
4- OTP is timeboxed with 1 hour, make sure to use it before it expires.
Hi,
Our CSR was generated through Zatca sandbox and was accepted in Developer portal.
I have ensured that the VAT No = csr.organization.identifier. and generated the OTP on simulation mode.
I am using the link : https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance
In am ensuring all headers are there
Accept:application/json
OTP: 247886
Accept-Version :V2
Content-Type:application/json
When I try, First am getting : invalid OTP error - ( 2 mins after generating it)
On trying with another OTP, I am getting error 409 (conflict) : Compliance transaction was submitted/generated before.
Please assist
I have also recreated CSR using the following command : fatoora -Sim -csr -csrConfig csr-config-example.properties -privateKey Key1 -generatedCsr CSR1-pem . Still not working.
Dear @James,
transaction was submitted/generated before,means that you have already made a successful request using the same CSR.
If you were unable to save it, then please re-generate the CSR and kick off the process again from the beginning with a new OTP.
Thank you,