Morning @Affan
Thank you for reaching out.
Please find the full onboarding process. Please follow these steps carefully. From the error you shared, it seems you are missing the step related to the Compliance checks will be highlighted in bold.
Onboarding Process:
Please adhere to the following steps accurately to ensure receipt of the certificate and private key in the required format:
1. On SDK: Utilize the command ‘fatoora -sim -csr-csrConfig “config.properties”’, to generate a CSR and private key for acquiring a CCSID, necessary for completing compliance checks. No Need to change, same as what you did.
2. Log in to the FATOORA portal using your VAT to obtain a correct OTP. Make sure to generate the OTP from the SIM portal.
3. Utilizing API endpoints, ensure that the generated CSR is in the body and the OTP from the SIM portal is in the headers. No Need to change, same as what you did
4. Upon response receipt, you will obtain a binary security token, a secret, and a request ID. Utilize the BinarySecurityToken and secret (referring to the current CCSID) to fulfill all compliance checks. The request ID will be used to generate the PCCSD.
5. Initiate the compliance check to dispatch invoices based on the invoice type specified in the config file used for CSR generation: **Need to be complete**
* Standard (Clearance): If “1000” is chosen as the invoice type, send 3 standard invoices of types (invoice, credit, debit) for successful compliance checks. Ensure all types are sent to avoid missing compliance checks.
* Simplified (Reporting): If “0100” is chosen as the invoice type, send 3 simplified invoices of types (invoice, credit, debit) for successful compliance checks. Don’t forget to sign the simplified invoice before dispatching it.
* Standard and Simplified: If “1100” is chosen as the invoice type, send 6 standard and simplified invoices for each type (invoice, credit, debit) for successful compliance checks. Ensure all types are sent to avoid missing compliance checks.
6. Using the API endpoint: For authorization, select Basic Auth as the Auth Type, with BinarySecurityToken as the username and Secret as the password. In the body, send the invoice (the hash for the invoice, the UUID, and the encoded invoice). On ZATCA SDK, utilize the command 'fatoora -invoiceRequest -invoice “invoice.xml” ', to generate a full invoice request that will be used in the body for the complianceChecks API “https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance/invoices” .
7. Using API endpoint: Upon completing all compliance checks, ensure Basic Auth is selected as the Auth Type for Authorization, with BinarySecurityToken as the username and the Secret as the password. In the headers, use the current CCSID; in the body, use the request ID received in the first API.
8. After generating the PCSID from the API, decode the returned token and place it in the certificate file located in SDK/Data/Certificates/cert.pem. This will serve as the final certificate for sending invoices to clearance and report APIs henceforth.
For further details, please refer to the onboarding manual available at: https://zatca.gov.sa/en/E-Invoicing/Introduction/Guidelines/Documents/E-Invoicing_Detailed__Guideline.pdf.
Thanks,
Ibrahem Daoud.