Simulation "Invalid OTP"

FATOORA portal and Simulation portal
1

Hello,

I successfully comply with development (with 123345 OTP) and I’m getting successful transaction for invoices/debit Notes/Credit Notes. I tested the full cycle and everything is working correctly.

When I tried the simulation I’m getting {“errors”:[{“code”:“Invalid-OTP”,“message”:“The provided OTP is invalid”}]}
I added the flag -sim while using the SDK.
and I’m using https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation base URL.

I double checked the TRN number/Commercial Registration Number etc.. and everything is correct.

Could you please help with this?

Regards

1 Like
2

Morning @ucitco

Thanks for reaching out, Welcome to our community.

To provide comprehensive support as usual, can I kindly ask you to mention the steps you followed to generate your CSR along with the steps you followed after login to fatoora portal?

Thanks,
Ibrahem Daoud.

3

1 - I created the config file like this:
“csr.common.name=__commonName\n” .
“csr.serial.number=__serialNumber\n” .
“csr.organization.identifier=__vatNumber\n” .
“csr.organization.unit.name=__organizationalUnitName\n” .
“csr.organization.name=__organizationName\n” .
“csr.country.name=__country\n” .
“csr.invoice.type=__invoiceType\n” .
“csr.location.address=__registeredAddress\n” .
“csr.industry.business.category=__businessCategory”;

2- I created the keys by:
-sim -csr -csrConfig {csrPath} -privateKey {privateKeyPath} -generatedCsr {generatedCsrPath}

3- My customer login to zatca portal, switch to simulation portal, request token for 1 device, share generated otp and apply it to our system.

4- I sent the OTP to the link like:
return Http::withHeaders([
“accept” => “application/json”,
“OTP” => $otp,
“Accept-Version” => “V2”,
“Content-Type” => “application/json”
])->post(“https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/compliance”, [
“csr” => $encodedCsr
])->json();

As I mentioned earlier, in development. Every things working fine.

Please note as well, that our solution we used is (online) server and its hosted in Europe.

Regards

4

Dear @ucitco,

Please ensure the following:

1- Is this a VAT group scenario? If the customer is belonged to a VAT group, make sure to include the TIN number in the csr.orgnization.unit.name

2- Ensure that the OTP is being generated from simulation portal not the fatoora productio

3- Ensure that the endpoint is adjusted to simulation

4- ensure that the VAT number that you are including in csr.orgnization.identifier is identical to the VAT number that appears in the fatoora portal

5- OTP should be used within 1 hour, if this time frame exceeds, then a new OTP is needed.

5

We double check above all those points you mention.

whats strange is OTP with development working fine, while its not working in simualtion.

do you have any reference on how we can solve issue or if we can make meeting?

1 Like
6

Hello. I have same issue. Did you find a solution?

7

Also I have some issues

8

hello, did u solve the issue?

9

hello did u solve the issue, We still stuck on the same error, what i hear that software used to generate private key, ect must be located in KSA

10

Dear @ucitco,

There are no restrections on the device/server to be physically located in KSA, however, if you are still facing this issue kindly raise a ticket through ZATCA’s line or your releationship manager with ZATCA.

“invalid-OTP” is a common error, if you followed all of the provided steps previously and the issue still persists, please raise a ticket for further support.

Regards,