Renew CSID error

what is the steps to renew pcsid if it is expired or there is some data in csr not corrected ?
i used this code to to renew it but i got error when is use complaince certfication as authen .
errore {“code”:“Missing-ComplianceRequestId”,“message”:“compliance_request_id is a required header”}

and this error when i use production certificateion in authentication

error .
You are not authorized to use this api endpoint

curl -X ‘PATCH’ \

https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/production/csids
-H ‘accept: application/json’
-H ‘OTP: 123456’
-H ‘accept-language: en’
-H ‘Accept-Version: V2’
-H ‘Authorization: Basic ZHluZmF0ZWhAZ21haWwuY29tOkFib1VzYW1haEAxMzU=’
-H ‘Content-Type: application/json’
-d ‘{
“csr”: “LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0NCk1JSUNGekNDQWI0Q0FRQXdkVEVMTUFrR0ExVUVCaE1DVTBFeEZqQVVCZ05WQkFzTURWSnBlV0ZrYUNCQ2NtRnUNClkyZ3hKakFrQmdOVkJBb01IVTFoZUdsdGRXMGdVM0JsWldRZ1ZHVmphQ0JUZFhCd2JIa2dURlJFTVNZd0pBWUQNClZRUUREQjFVVTFRdE9EZzJORE14TVRRMUxUTTVPVGs1T1RrNU9Ua3dNREF3TXpCV01CQUdCeXFHU000OUFnRUcNCkJTdUJCQUFLQTBJQUJPVlQvWFVGcDVJdU0wWUZHSTZUUStBTGxWT0Z3RldxckNXMVU3M1NpUFJDSGM2Q1V4UXcNCmxoeG14aFRjNUdEOU1xRFM3YVArZi9OR0F3ZWJ6UmJvRjJpZ2dla3dnZVlHQ1NxR1NJYjNEUUVKRGpHQjJEQ0INCjFUQWhCZ2tyQmdFRUFZSTNGQUlFRkF3U1drRlVRMEV0UTI5a1pTMVRhV2R1YVc1bk1JR3ZCZ05WSFJFRWdhY3cNCmdhU2tnYUV3Z1o0eE96QTVCZ05WQkFRTU1qRXRWRk5VZkRJdFZGTlVmRE10WldReU1tWXhaRGd0WlRaaE1pMHgNCk1URTRMVGxpTlRndFpEbGhPR1l4TVdVME5EVm1NUjh3SFFZS0NaSW1pWlB5TEdRQkFRd1BNems1T1RrNU9UazUNCk9UQXdNREF6TVEwd0N3WURWUVFNREFReE1UQXdNUkV3RHdZRFZRUWFEQWhTVWxKRU1qa3lPVEVjTUJvR0ExVUUNCkR3d1QyWTFUZFhCd2JIa2dZV04wYVhacGRHbGxjekFLQmdncWhrak9QUVFEQWdOSEFEQkVBaUJCWXNyRkZLUGYNCml4SkhSRVNxRlF0cmI0L0orMXRNczlrcWNGdEJ2eGdiR3dJZ0tXaWE0ZVcyZkhYY1d4amp5T3RqdVQ5MmhMUDMNCjRKOFBNVnFqeDR4TDFVTT0NCi0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQ0K”
}’

thanks in advanced

Dear @fatehahmed,

Are you using real or dummy data?

If you are using real data, please follow these steps to renew your PCSID:

  1. Check Your Environment:

    • You might be using sandbox data, which is for testing purposes only. To renew your PCSID with real data, you need to use either the Fatoora simulation or production environment, depending on where your PCSID was originally generated.
  2. Change the Endpoint:

  3. Generate a Certificate Signing Request (CSR):

    • Ensure taking simulation requirements in consideration:
      • OpenSSL: Set CertificateTemplateNameASN1 to PRINTABLESTRING:PREZATCA-Code-Signing
      • SDK Command: Include -sim before the command for generating the CSR
  4. Obtain an OTP (One-Time Password):

    • Log in to the Fatoora portal for the correct environment (Simulation or Production) to obtain the OTP.
    • Ensure that the VAT number linked with your Fatoora portal account matches the VAT number included in your CSR configuration.
  5. Send the API Request:

    • Make sure to use the correct API headers and structure, a successful response should be returned, you can find it in the API documentation guide.

If you have any further questions or need assistance, feel free to ask.

i used real data in simulation enviroment . currenctly i got error {“errors”:[{“code”:“Invalid-OTP”,“message”:“The provided OTP is invalid”}]}

i used all the steps above and
i loged to fatoorah portal then i got otp for renew

Salam,
In your shared code you have entered only password as basic authentication where is username?
Secondly I am sure you are working on Sandbox not simulation or production since the url is of Sandbox. thanks

i used this code as pseudo code translated to other language and i use real data in simulation and core .i used also in postman app i got the same erorr we waiting to update this api

In the normal process, in order to renew a device, does it need to be Onboarded or will the renewal work for an expired or Revoked Device as well?

1 Like

Dear @fatehahmed ,

Then the VAT number that is associated with your fatoora portal account is not matched with the VAT number in the config file.

OR

You are using a wrong procedure to create the CCSID, where you use the same OTP twice, OTP should only be used once, then it will expire.

Dear @leonidas.s ,

The renewal is for the onboarded expired devices, no renewal for revoked devices.

certificate assocaited with each device is 5 years in production environment, so you can renew after this period of time.

Thank you,