Hello All,
During my integration step for the “Compliance invoice check,” I am consistently encountering an error message stating, “The invoice hash API body does not match the (calculated) Hash of the XML.” I get the response when I tested this through Postman.Unfortunately, there is no return response with Python.
We are currently using Python for this integration. I would greatly appreciate any assistance from Python developers in this community who might have experience with this issue.
Dear @fathima,
Kindly reflect the same logic in the attached document to your application/code, for your instance, you can use the ZATCA’s SDK pre-built signing function (or generate hash if it’s B2B) to test your code as the following approach:
1- hash the XML using the SDK ( through CLI for simplicity)
2- send the invoice to the API after validated sucesfully, if passed, please go next.
3- reflect the hashing steps as specefied in the attached document.
4- compare the hash output from your python/code application to the passed output from the SDK (if failed again)
5- fix your application/code accordingly to the findings.
While this is not a direct solution to your issue, but, by following this approach your issue will most likely to be resolved.
Regards,
SigningProcessUpdated.pdf (392.7 KB)
The Solution: Canonicalization
You need to use a process called Canonicalization (C14N) on your XML file before you hash it. This process creates a standardized, byte-for-byte representation of the XML, removing any non-meaningful cosmetic differences.
Here’s how to properly generate the hash in Python using the lxml library, which is perfect for this task.