Dear Team,
I am currently working on integrating the ZATCA e-invoicing compliance system using the simulation API. While sending signed invoices to the ZATCA simulation API, I encountered the following error:
Error: Simulation for Invoice 11939 failed.
Response: {“code”:“Invalid-Request”,“message”:“System failed to process your request”}
I would appreciate your guidance on the following points:
- Clarification on the “Invalid-Request” error: Could you please help us understand what exactly is causing this error? Are there specific fields or structures in the XML or request headers that we need to address to resolve this issue?
- Request Format Requirements: Could you provide further clarification on the expected format for the API request? Specifically:
- Should we include the
requestID
in the XML body, or is it only needed in the API headers?
- How do we properly include the
binarySecurityToken
in the API request?
- Are there any other mandatory fields or structures we need to ensure are present in the XML?
- Simulation Process Steps: We have successfully generated certificates and signed the XML files. Could you please provide a step-by-step guide on how to correctly submit invoices through the simulation API, ensuring compliance with all necessary fields and security tokens?
For context, we have followed the onboarding process and generated the following:
- Private Key
- Public Key
- Signing Certificate
- RequestID:
1728450182897
- BinarySecurityToken:
TUlJQ0h6Q0NBY1NnQXdJQkFnSUdBWkp2...
Despite this, we continue to face the “Invalid-Request” error and are unsure how to proceed.
Your assistance in resolving this issue and ensuring that our request format is correct for the simulation process would be greatly appreciated.
Thank you for your support.
Dear @karimjaber ,
To resolve this issue, Please check:
1- CSR Request : check that you’ve correctly configured the CSR (Certificate Signing Request) based on the environment you intend to use.
Please try generate the CSR from the beginning for the simulation with the SDK using this command:
‘Fatoora -sim -csr -csrConfig [propertiesfilename. properties]
You can find sample for properties files located in data/input in SDK directory.
2- API Endpoint: Ensure that you are using the correct APIs for the correct Environment you want to use.
e.g.: Use the Simulation portal to get the OTP and Simulation APIs to get the CCSID and PCCSID.
Please adhere to the following steps accurately to for onboarding simulation:
- On SDK: Utilize the command ‘fatoora -sim -csr-csrConfig “config.properties”’, to generate a CSR and private key for acquiring a CCSID, necessary for completing compliance checks.
- Log in to the FATOORA portal using your VAT to obtain a correct OTP. Make sure to generate the OTP from the SIM portal.
- Utilizing API endpoints, ensure that the generated CSR is in the body and the OTP from the SIM portal is in the headers.
- Upon response receipt, you will obtain a binary security token, a secret, and a request ID. Utilize the BinarySecurityToken and secret (referring to the current CCSID) to fulfill all compliance checks. The request ID will be used to generate the PCCSD.
- Initiate the compliance check to dispatch invoices based on the invoice type specified in the config file used for CSR generation:
- Standard (Clearance): If “1000” is chosen as the invoice type, send 3 standard invoices of types (invoice, credit, debit) for successful compliance checks. Ensure all types are sent to avoid missing compliance checks.
- Simplified (Reporting): If “0100” is chosen as the invoice type, send 3 simplified invoices of types (invoice, credit, debit) for successful compliance checks. Don’t forget to sign the simplified invoice before dispatching it.
- Standard and Simplified: If “1100” is chosen as the invoice type, send 6 standard and simplified invoices for each type (invoice, credit, debit) for successful compliance checks. Ensure all types are sent to avoid missing compliance checks.
- Using the API endpoint: For authorization, select Basic Auth as the Auth Type, with BinarySecurityToken as the username and Secret as the password. In the body, send the invoice (the hash for the invoice, the UUID, and the encoded invoice). On SDK, utilize the command 'fatoora -invoiceRequest -invoice “invoice.xml” ', to generate a full invoice request to use it in the body.
- Using API endpoint: Upon completing all compliance checks, ensure Basic Auth is selected as the Auth Type for Authorization, with BinarySecurityToken as the username and the Secret as the password. In the headers, use the current CCSID; in the body, use the request ID received in the first API.
- After generating the PCSID from the API, decode the returned token and place it in the certificate file located in SDK/Data/Certificates/cert.pem. This will serve as the final certificate for sending invoices to clearance and report APIs henceforth.
For further details, please refer to the onboarding manual available at:
https://zatca.gov.sa/en/E-Invoicing/Introduction/Guidelines/Documents/E-Invoicing_Detailed__Guideline.pdf.
After completing these steps, if you encounter any issues, we can schedule a meeting to resolve them.
Thanks
Dear Hagar
Thanks a lot for your feedback, everything is going smoothly for Onboarding process and we already gut the CSID.
In the Sandbox, when we use the Authorization and the json body, it gives Passed, but once we use the simulation, it gives the error 401:
This is the Request Headers we are sending, kindly if there is any missing thing, please let me know:
Authorization: Basic VkZWc1NsRXdjSEZSTUU1Q1dUTldibEZZWkVwUmEwWnVVMVZrUWxkcmRFZFZWa28wWlVVeFFtSXdaRVJSTTBaSVZUQXdNRTlWU2tKVVZVNU9VV3hXTkZKWWNFSlZhMHB1Vkd4YVExRlZNVTVSTWpGWFUyMUtkVmR1V21oV01EVjNXVzB4YW1Rd2FHOVpNRFZPWVd4R05GUlZVa1psYXpGRllYcENUbFpGYTNkV01taHFWR3N4Y1dFemFFNVNSVlkxVkZkd1JtUXdNVVZSV0dSWVlXdEtlRlJXUm5wa01FNVNWMVZTVjFWV1JraFNXR1JMVmtaR1ZWSldVazVSYTFaSVVWUkdWbEpWVGpOa01IUk9ZV3RGZUZSVlVrSk5helZ4V25wQ1QxWkZWak5VVlUwd1VqQkZlRlpWVmtSYU0yUjFWVEZqTVdFeVVsbFVha0pxWWxkNGIxbHJUa05oUjBwMFZWZGtWMU5GY0c5WGEyUnpaRlp3TlZGc1VtbE5ibWQ0V2tWa2MyUnRTblZVVjJSU1RXeGFNVnBGWkZkbFZURlRWVmhrUmxveGJFVldiRVpTVWtWU1FtUkZlRnBYUlhCM1dXeFdOR0ZIVGtkVmJscHFVa1ZLV0ZSVlNrSlNNRW8xWTFWa1ZGUlVVVFZSVjJSR1VqQktWR1JWU2tOUlZVWk1VVlJDU2xGVlNrVmFSbGw0VkZWNGRtTlVaRE5WU0doT1ltNVdSRTB6UlRSVFJrNVdTek5zZEZvd05WZGFWVVpUV
accept-language: en
Clearance-Status: 1
Accept-Version: V2
Content-Type: application/json
Best Regards
Abdulkarim Jaber
Finance Manager
Industrial and Trading Solutions Center
M:+966-544-833-130
E:karim@indtechs.com
Are you using Sandbox to obtain the certificate? kindly note that the sandbox is meant to be used for testing purposes only, and the Data in the sandbox portal is dummy data that should be used to understand the steps that need to be followed to ensure a successful onboarding. Therefore, you need to obtain your own certificate, you can use the simulation environment to obtain your own certificate and test your solution before integrating it with the production environment.