Dears ,
I’m getting this error when trying to clear B2B invoice :
"errorMessages": [
{
"type": "ERROR",
"code": "certificate-permissions",
"category": "CERTIFICATE_ERRORS",
"message": "User only allowed to use the vat number that exists in the authentication certificate",
"status": "ERROR"
}
],
"status": "ERROR"
Any details for this error .
Thanks
Dear @Hadi
Thanks for reaching out.
Please ensure that you are using the same VAT that you used to generate the PCSID, in the XML, (CmpanyID) tag.
Additionally, please refer to the XML implementation and Data dictionary in the Educational Library shared in ZATCA site.
Educational library (zatca.gov.sa)
Thanks,
Ibrahem Daoud.
Dear @idaoud ,
Thanks for your reply .
i actually tried to check everything and everything seems okay to me .
i will list here all the deails :
Here the invoice.xml details :
<?xml version="1.0" encoding="utf-8"?>
<Invoice xmlns="urn:oasis:names:specification:ubl:schema:xsd:Invoice-2" xmlns:cac="urn:oasis:names:specification:ubl:schema:xsd:CommonAggregateComponents-2" xmlns:cbc="urn:oasis:names:specification:ubl:schema:xsd:CommonBasicComponents-2" xmlns:ext="urn:oasis:names:specification:ubl:schema:xsd:CommonExtensionComponents-2"><ext:UBLExtensions>
<ext:UBLExtension>
<ext:ExtensionURI>urn:oasis:names:specification:ubl:dsig:enveloped:xades</ext:ExtensionURI>
<ext:ExtensionContent>
<sig:UBLDocumentSignatures xmlns:sig="urn:oasis:names:specification:ubl:schema:xsd:CommonSignatureComponents-2" xmlns:sac="urn:oasis:names:specification:ubl:schema:xsd:SignatureAggregateComponents-2" xmlns:sbc="urn:oasis:names:specification:ubl:schema:xsd:SignatureBasicComponents-2">
<sac:SignatureInformation>
<cbc:ID>urn:oasis:names:specification:ubl:signature:1</cbc:ID>
<sbc:ReferencedSignatureID>urn:oasis:names:specification:ubl:signature:Invoice</sbc:ReferencedSignatureID>
<ds:Signature Id="signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2006/12/xml-c14n11" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" />
<ds:Reference Id="invoiceSignedData" URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath>not(//ancestor-or-self::ext:UBLExtensions)</ds:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath>not(//ancestor-or-self::cac:Signature)</ds:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
<ds:XPath>not(//ancestor-or-self::cac:AdditionalDocumentReference[cbc:ID='QR'])</ds:XPath>
</ds:Transform>
<ds:Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>aqdei0MWJE7GEH2xxE3zNcPHjbvMxxqznGiTH4FmoWM=</ds:DigestValue>
</ds:Reference>
<ds:Reference Type="http://www.w3.org/2000/09/xmldsig#SignatureProperties" URI="#xadesSignedProperties">
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>NmY1NzljMmNmNGU5NzRkZWYzNDBiMjc1NWE5N2E2ZTg2YTllYjc3YTIwMTEwMmIzNTUxMmM5M2E2MjA2ZmMwZQ==</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>MEUCIQCdlEP+Yin7p8KLSsKIKfTdX32pNfGfFWZbHPQp8h9mmAIgDUSxdSnRav0xCdEGfVCnN0xLL/d7Qgk4mFIbFwpPfCU=</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>MIID3jCCA4SgAwIBAgITEQAAOAPF90Ajs/xcXwABAAA4AzAKBggqhkjOPQQDAjBiMRUwEwYKCZImiZPyLGQBGRYFbG9jYWwxEzARBgoJkiaJk/IsZAEZFgNnb3YxFzAVBgoJkiaJk/IsZAEZFgdleHRnYXp0MRswGQYDVQQDExJQUlpFSU5WT0lDRVNDQTQtQ0EwHhcNMjQwMTExMDkxOTMwWhcNMjkwMTA5MDkxOTMwWjB1MQswCQYDVQQGEwJTQTEmMCQGA1UEChMdTWF4aW11bSBTcGVlZCBUZWNoIFN1cHBseSBMVEQxFjAUBgNVBAsTDVJpeWFkaCBCcmFuY2gxJjAkBgNVBAMTHVRTVC04ODY0MzExNDUtMzk5OTk5OTk5OTAwMDAzMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEoWCKa0Sa9FIErTOv0uAkC1VIKXxU9nPpx2vlf4yhMejy8c02XJblDq7tPydo8mq0ahOMmNo8gwni7Xt1KT9UeKOCAgcwggIDMIGtBgNVHREEgaUwgaKkgZ8wgZwxOzA5BgNVBAQMMjEtVFNUfDItVFNUfDMtZWQyMmYxZDgtZTZhMi0xMTE4LTliNTgtZDlhOGYxMWU0NDVmMR8wHQYKCZImiZPyLGQBAQwPMzk5OTk5OTk5OTAwMDAzMQ0wCwYDVQQMDAQxMTAwMREwDwYDVQQaDAhSUlJEMjkyOTEaMBgGA1UEDwwRU3VwcGx5IGFjdGl2aXRpZXMwHQYDVR0OBBYEFEX+YvmmtnYoDf9BGbKo7ocTKYK1MB8GA1UdIwQYMBaAFJvKqqLtmqwskIFzVvpP2PxT+9NnMHsGCCsGAQUFBwEBBG8wbTBrBggrBgEFBQcwAoZfaHR0cDovL2FpYTQuemF0Y2EuZ292LnNhL0NlcnRFbnJvbGwvUFJaRUludm9pY2VTQ0E0LmV4dGdhenQuZ292LmxvY2FsX1BSWkVJTlZPSUNFU0NBNC1DQSgxKS5jcnQwDgYDVR0PAQH/BAQDAgeAMDwGCSsGAQQBgjcVBwQvMC0GJSsGAQQBgjcVCIGGqB2E0PsShu2dJIfO+xnTwFVmh/qlZYXZhD4CAWQCARIwHQYDVR0lBBYwFAYIKwYBBQUHAwMGCCsGAQUFBwMCMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwMwCgYIKwYBBQUHAwIwCgYIKoZIzj0EAwIDSAAwRQIhALE/ichmnWXCUKUbca3yci8oqwaLvFdHVjQrveI9uqAbAiA9hC4M8jgMBADPSzmd2uiPJA6gKR3LE03U75eqbC/rXA==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<ds:Object>
<xades:QualifyingProperties Target="signature" xmlns:xades="http://uri.etsi.org/01903/v1.3.2#">
<xades:SignedProperties Id="xadesSignedProperties">
<xades:SignedSignatureProperties>
<xades:SigningTime>2024-08-20T15:17:45</xades:SigningTime>
<xades:SigningCertificate>
<xades:Cert>
<xades:CertDigest>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>ZDMwMmI0MTE1NzVjOTU2NTk4YzVlODhhYmI0ODU2NDUyNTU2YTVhYjhhMDFmN2FjYjk1YTA2OWQ0NjY2MjQ4NQ==</ds:DigestValue>
</xades:CertDigest>
<xades:IssuerSerial>
<ds:X509IssuerName>CN=PRZEINVOICESCA4-CA, DC=extgazt, DC=gov, DC=local</ds:X509IssuerName>
<ds:X509SerialNumber>379112742831380471835263969587287663520528387</ds:X509SerialNumber>
</xades:IssuerSerial>
</xades:Cert>
</xades:SigningCertificate>
</xades:SignedSignatureProperties>
</xades:SignedProperties>
</xades:QualifyingProperties>
</ds:Object>
</ds:Signature>
</sac:SignatureInformation>
</sig:UBLDocumentSignatures>
</ext:ExtensionContent>
</ext:UBLExtension>
</ext:UBLExtensions>
<cbc:ProfileID>reporting:1.0</cbc:ProfileID>
<cbc:ID>SME00023</cbc:ID>
<cbc:UUID>8d487816-70b8-4ade-a618-9d620b73814a</cbc:UUID>
<cbc:IssueDate>2022-09-07</cbc:IssueDate>
<cbc:IssueTime>12:21:28</cbc:IssueTime>
<cbc:InvoiceTypeCode name="0100000">388</cbc:InvoiceTypeCode>
<cbc:DocumentCurrencyCode>SAR</cbc:DocumentCurrencyCode>
<cbc:TaxCurrencyCode>SAR</cbc:TaxCurrencyCode>
<cac:AdditionalDocumentReference>
<cbc:ID>ICV</cbc:ID>
<cbc:UUID>23</cbc:UUID>
</cac:AdditionalDocumentReference>
<cac:AdditionalDocumentReference>
<cbc:ID>PIH</cbc:ID>
<cac:Attachment>
<cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">NWZlY2ViNjZmZmM4NmYzOGQ5NTI3ODZjNmQ2OTZjNzljMmRiYzIzOWRkNGU5MWI0NjcyOWQ3M2EyN2ZiNTdlOQ==</cbc:EmbeddedDocumentBinaryObject>
</cac:Attachment>
</cac:AdditionalDocumentReference>
<cac:AdditionalDocumentReference>
<cbc:ID>QR</cbc:ID>
<cac:Attachment>
<cbc:EmbeddedDocumentBinaryObject mimeCode="text/plain">AQVIT1VTRQIPMzEwODM0NzQxODAwMDAzAxMyMDIyLTA5LTA3VDEyOjIxOjI4BAQ0LjYwBQMwLjYGLGFxZGVpME1XSkU3R0VIMnh4RTN6TmNQSGpidk14eHF6bkdpVEg0Rm1vV009B2BNRVVDSVFDZGxFUCtZaW43cDhLTFNzS0lLZlRkWDMycE5mR2ZGV1piSFBRcDhoOW1tQUlnRFVTeGRTblJhdjB4Q2RFR2ZWQ25OMHhMTC9kN1FnazRtRkliRndwUGZDVT0IWDBWMBAGByqGSM49AgEGBSuBBAAKA0IABKFgimtEmvRSBK0zr9LgJAtVSCl8VPZz6cdr5X+MoTHo8vHNNlyW5Q6u7T8naPJqtGoTjJjaPIMJ4u17dSk/VHg=</cbc:EmbeddedDocumentBinaryObject>
</cac:Attachment>
</cac:AdditionalDocumentReference><cac:Signature>
<cbc:ID>urn:oasis:names:specification:ubl:signature:Invoice</cbc:ID>
<cbc:SignatureMethod>urn:oasis:names:specification:ubl:dsig:enveloped:xades</cbc:SignatureMethod>
</cac:Signature><cac:AccountingSupplierParty>
<cac:Party>
<cac:PartyIdentification>
<cbc:ID schemeID="CRN">4030189555</cbc:ID>
</cac:PartyIdentification>
<cac:PostalAddress>
<cbc:StreetName>MADINAH ROAD</cbc:StreetName>
<cbc:BuildingNumber>2245</cbc:BuildingNumber>
<cbc:CitySubdivisionName>SHARAFIYAH</cbc:CitySubdivisionName>
<cbc:CityName>JEDDAH</cbc:CityName>
<cbc:PostalZone>21483</cbc:PostalZone>
<cac:Country>
<cbc:IdentificationCode>SA</cbc:IdentificationCode>
</cac:Country>
</cac:PostalAddress>
<cac:PartyTaxScheme>
<cbc:CompanyID>310834741800003</cbc:CompanyID>
<cac:TaxScheme>
<cbc:ID>VAT</cbc:ID>
</cac:TaxScheme>
</cac:PartyTaxScheme>
<cac:PartyLegalEntity>
<cbc:RegistrationName>HOUSE</cbc:RegistrationName>
</cac:PartyLegalEntity>
</cac:Party>
</cac:AccountingSupplierParty>
<cac:AccountingCustomerParty>
<cac:Party>
<cac:PostalAddress>
<cbc:StreetName>MADINAH</cbc:StreetName>
<cbc:BuildingNumber>2245</cbc:BuildingNumber>
<cbc:CitySubdivisionName>SHARAFIYAH</cbc:CitySubdivisionName>
<cbc:CityName>JEDDAH</cbc:CityName>
<cbc:PostalZone>21483</cbc:PostalZone>
<cac:Country>
<cbc:IdentificationCode>SA</cbc:IdentificationCode>
</cac:Country>
</cac:PostalAddress>
<cac:PartyTaxScheme>
<cbc:CompanyID>300507298810003</cbc:CompanyID>
<cac:TaxScheme>
<cbc:ID>VAT</cbc:ID>
</cac:TaxScheme>
</cac:PartyTaxScheme>
<cac:PartyLegalEntity>
<cbc:RegistrationName>HABIB</cbc:RegistrationName>
</cac:PartyLegalEntity>
</cac:Party>
</cac:AccountingCustomerParty>
<cac:Delivery>
<cbc:ActualDeliveryDate>2022-09-07</cbc:ActualDeliveryDate>
</cac:Delivery>
<cac:PaymentMeans>
<cbc:PaymentMeansCode>10</cbc:PaymentMeansCode>
</cac:PaymentMeans>
<cac:AllowanceCharge>
<cbc:ChargeIndicator>false</cbc:ChargeIndicator>
<cbc:AllowanceChargeReason>discount</cbc:AllowanceChargeReason>
<cbc:Amount currencyID="SAR">0.00</cbc:Amount>
<cac:TaxCategory>
<cbc:ID schemeID="UN/ECE 5305" schemeAgencyID="6">S</cbc:ID>
<cbc:Percent>15</cbc:Percent>
<cac:TaxScheme>
<cbc:ID schemeID="UN/ECE 5153" schemeAgencyID="6">VAT</cbc:ID>
</cac:TaxScheme>
</cac:TaxCategory>
</cac:AllowanceCharge>
<cac:TaxTotal>
<cbc:TaxAmount currencyID="SAR">0.6</cbc:TaxAmount>
</cac:TaxTotal>
<cac:TaxTotal>
<cbc:TaxAmount currencyID="SAR">0.6</cbc:TaxAmount>
<cac:TaxSubtotal>
<cbc:TaxableAmount currencyID="SAR">4.00</cbc:TaxableAmount>
<cbc:TaxAmount currencyID="SAR">0.60</cbc:TaxAmount>
<cac:TaxCategory>
<cbc:ID schemeID="UN/ECE 5305" schemeAgencyID="6">S</cbc:ID>
<cbc:Percent>15.00</cbc:Percent>
<cac:TaxScheme>
<cbc:ID schemeID="UN/ECE 5153" schemeAgencyID="6">VAT</cbc:ID>
</cac:TaxScheme>
</cac:TaxCategory>
</cac:TaxSubtotal>
</cac:TaxTotal>
<cac:LegalMonetaryTotal>
<cbc:LineExtensionAmount currencyID="SAR">4.00</cbc:LineExtensionAmount>
<cbc:TaxExclusiveAmount currencyID="SAR">4.00</cbc:TaxExclusiveAmount>
<cbc:TaxInclusiveAmount currencyID="SAR">4.60</cbc:TaxInclusiveAmount>
<cbc:AllowanceTotalAmount currencyID="SAR">0.00</cbc:AllowanceTotalAmount>
<cbc:PrepaidAmount currencyID="SAR">0.00</cbc:PrepaidAmount>
<cbc:PayableAmount currencyID="SAR">4.60</cbc:PayableAmount>
</cac:LegalMonetaryTotal>
<cac:InvoiceLine>
<cbc:ID>1</cbc:ID>
<cbc:InvoicedQuantity unitCode="PCE">2.000000</cbc:InvoicedQuantity>
<cbc:LineExtensionAmount currencyID="SAR">4.00</cbc:LineExtensionAmount>
<cac:TaxTotal>
<cbc:TaxAmount currencyID="SAR">0.60</cbc:TaxAmount>
<cbc:RoundingAmount currencyID="SAR">4.60</cbc:RoundingAmount>
</cac:TaxTotal>
<cac:Item>
<cbc:Name>قلم رصاص</cbc:Name>
<cac:ClassifiedTaxCategory>
<cbc:ID>S</cbc:ID>
<cbc:Percent>15.00</cbc:Percent>
<cac:TaxScheme>
<cbc:ID>VAT</cbc:ID>
</cac:TaxScheme>
</cac:ClassifiedTaxCategory>
</cac:Item>
<cac:Price>
<cbc:PriceAmount currencyID="SAR">2.00</cbc:PriceAmount>
<cac:AllowanceCharge>
<cbc:ChargeIndicator>true</cbc:ChargeIndicator>
<cbc:AllowanceChargeReason>discount</cbc:AllowanceChargeReason>
<cbc:Amount currencyID="SAR">0.00</cbc:Amount>
</cac:AllowanceCharge>
</cac:Price>
</cac:InvoiceLine>
</Invoice>
As you can see the CompanyID tag is 310834741800003 .
here is the csr.config details :
commonName: "TST-01-310834741800003",
serialNumber: "1-SAP|2-SAPB1|3-0020976941",
organizationIdentifier: "310834741800003",
organizationUnitName: "Jeddah Branch",
organizationName: "HOUSE OF RAYS MEDICAL Co.",
countryName: "SA",
invoiceType: "1100",
locationAddress: "JBSA7571",
industryBusinessCategory: "Supply activities"
and here is the .csr file created based on that :
-----BEGIN CERTIFICATE REQUEST-----
MIIB9TCCAZwCAQAwajELMAkGA1UEBhMCU0ExFjAUBgNVBAsMDUplZGRhaCBCcmFu
Y2gxIjAgBgNVBAoMGUhPVVNFIE9GIFJBWVMgTUVESUNBTCBDby4xHzAdBgNVBAMM
FlRTVC0wMS0zMTA4MzQ3NDE4MDAwMDMwVjAQBgcqhkjOPQIBBgUrgQQACgNCAATL
WHGV58kof62EF18nF9QN4losfw3bRZW17eTRv7KJYXAk8ANqTkw2OzrFK1qORjuR
IyOowmHkkkygpYH7IIHLoIHSMIHPBgkqhkiG9w0BCQ4xgcEwgb4wJAYJKwYBBAGC
NxQCBBcTFVRTVFpBVENBLUNvZGUtU2lnbmluZzCBlQYDVR0RBIGNMIGKpIGHMIGE
MSMwIQYDVQQEDBoxLVNBUHwyLVNBUEIxfDMtMDAyMDk3Njk0MTEfMB0GCgmSJomT
8ixkAQEMDzMxMDgzNDc0MTgwMDAwMzENMAsGA1UEDAwEMTEwMDERMA8GA1UEGgwI
SkJTQTc1NzExGjAYBgNVBA8MEVN1cHBseSBhY3Rpdml0aWVzMAoGCCqGSM49BAMC
A0cAMEQCIG3QjzYFmuoUGd77qWyET8KvaqrpabTWtyJBxp1WQQXvAiAqc1zMdrna
pbH9BfKShlXMW3R4r++uRUImkL1KUkguhw==
-----END CERTIFICATE REQUEST-----
based on this csr , the CCSID was generated and PCSID accoridgnly .
am i missing something ?
Thanks again for your continus support .
Dear @Hadi
What is the endpoint that returns the above response?
and what is the steps you did to generate the CSR?
Thanks,
Ibrahem Daoud.
Dear @idaoud ,
This is the endpoint :
https://gw-fatoora.zatca.gov.sa/e-invoicing/developer-portal/invoices/clearance/single
Those are the steps to create the csr :
try
{
Console.WriteLine("Starting CSR generation process...");
var csrGenerationDto = new CsrGenerationDto(
commonName: "TST-01-310834741800003",
serialNumber: "1-SAP|2-SAPB1|3-0020976941",
organizationIdentifier: "310834741800003",
organizationUnitName: "Jeddah Branch",
organizationName: "HOUSE OF RAYS MEDICAL Co.",
countryName: "SA",
invoiceType: "1100",
locationAddress: "JBSA7571",
industryBusinessCategory: "Supply activities"
);
Console.WriteLine("CsrGenerationDto created successfully.");
Zatca.EInvoice.SDK.CsrGenerator csrGenerator = new CsrGenerator();
Console.WriteLine("CsrGenerator instance created.");
Console.WriteLine("Generating CSR...");
var result = csrGenerator.GenerateCsr(csrGenerationDto, EnvironmentType.NonProduction, true);
if (result.IsValid)
{
File.WriteAllText("cert.csr", result.Csr);
Console.WriteLine("CSR saved to cert.csr");
File.WriteAllText("ec-secp256k1-priv-key.pem", result.PrivateKey);
Console.WriteLine("Private key saved to ec-secp256k1-priv-key.pem");
Console.WriteLine("CSR and private key generated successfully.");
string base64Csr = Convert.ToBase64String(Encoding.UTF8.GetBytes(result.Csr));
var csidResponse = await GetComplianceCsid(base64Csr);
if (csidResponse != null)
{
await GetProductionCsid(csidResponse);
}
}
else
{
Console.WriteLine("Failed to generate CSR and private key:");
foreach (var error in result.ErrorMessages)
{
Console.WriteLine(error);
}
}
}
catch (Exception ex)
{
Console.WriteLine($"An error occurred: {ex.Message}");
Console.WriteLine($"Stack Trace: {ex.StackTrace}");
}
@idaoud
what is the correct endpoint ?
Dear @Hadi
Please refer to API documentation in Fatoora portal, and Fatoora Simulation,
because it’s depending on the environment you generate your CSR even for simulation or Production.
Kindly review the Educational Library, the link already shared.
If this was not clear, please do not hesitate to reach out to our support team via email to schedule meeting if needed.
SP email: sp_support@zatca.gov.sa
Thanks, have a great day
Ibrahem Daoud.