The compliance certificate is not done with the following compliance steps yet

Clearance and Reporting
1

{
“code”: “Missing-ComplianceSteps”,
“message”: “The compliance certificate is not done with the following compliance steps yet [standard-compliant,standard-credit-note-compliant,standard-debit-note-compliant]”
}

i used 1000 invoice type and i send all Standard type invoice (Credit,Debit,Invoice) successfully>> but when i send to get CSID return above error

env = simulation
like i used to compliance:
https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/precompliance/invoices
and
precompliance

link i used to get csid is :https://gw-fatoora.zatca.gov.sa/e-invoicing/simulation/core/csids

3

Dear Zatca Team,

@Malik, thank you for the video link you provided.

I noticed that we need to submit 3 B2B invoices or 3 B2C invoices or 6 invoices for both B2C and B2B before proceeding with onboarding or obtaining a PCSID. Is this mandatory?

On the sandbox portal, it seems I do not need to do this to get a PCSID.

Can I use Compliance Checks to test my invoices before I proceed with Reporting or Clearance to ensure that my invoices are problem-free before I report them to the tax authorities?

Sorry if this is off-topic.

Thank you for your clarification.

4

Al Salamo Alikom
when you choose 1100 for the invoice type when generating csr it means your EGS can issue simplified and stander invoices, so you have to send all types to the compliance api before zatca approve to send you the csid key, you have to send simplified ( invoice,debit and credit note ) and stander ( invoice, debit and credit note )

5

Thank you @YaSsOo85

What kind of invoices should I submit?
Standard XML without UBL and signature?
As we know, we need a PCSID to create a Signed Invoice.

Does this require actual invoices from my accounting system, or can they be sample invoices for testing purposes (with my business identity as per the CCSID I obtained)?

Thanks

6

You Welcome @eCloud
if your system will generate simplified and stander invoices so you should submit simplified invoice, simplified debit note, simplified credit note, stander invoice, stander debit note and stander credit note to pass the compliance
you must use the generated PCSID which your system has generate it as Authorization so the Api will know your request id and will submit that your system passed the compliance steps
wish that helps

7

Salam,
Please share this line value “csr.invoice.type=1100” from your CSR which which you generated certificates from ZATCA. Please do not compare with Sandbox and it is not following all steps and you can skip. Simulation and Production having same process.

Thanks
csr.common.name=TST-886431145-399999999900003
csr.serial.number=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
csr.organization.identifier=399999999900003
csr.organization.unit.name=Riyadh Branch
csr.organization.name=Maximum Speed Tech Supply LTD
csr.country.name=SA
csr.invoice.type=1100
csr.location.address=RRRD2929
csr.industry.business.category=Supply activities

8

The problem has been solved. I sent 1100 and sent all types of signed invoices (simplified and standard) and now it is working fine. Thank you very much.

1 Like
9

Thank you @YaSsOo85

PCSID is generated after we complete onboarding. SignedInvoice is generated from PCSID and Private Key, not CCSID from Compliance CSID and Private Key that we got from generating CSR and Private Key.

If we have to send SignedInvoice for Compliance Checks to get PCSID, then how can we generate SignedInvoice as we don’t have PCSID yet?

Here are the steps as I understand them:

  1. Generate CSR Properties. @Malik #7
  2. Generate CSR and Private Key from CSR Properties.
  3. Get CCSID from Compliance CSID with the generated CSR in step 2.
  4. Send Sample Invoices (3 or 6 invoices depending on the type EGS 10 / 01 / 11) to Compliance Checks.
  5. Get PCSID, use CCSID BinaryToken and Secret for authorization, and RequestID as payload and Token.

My question is regarding step 4: Is this mandatory? If yes, should we send SignedInvoices or send CleanInvoice XML without UBL Extension and Signature?

@mohmed58264
Let me know how you generated SignedInvoice?

Please provide clarification.

10

Hi,
Leave Sandbox now and we will only discuss Simulation and Production. So in Simulation if you need B2B and B2C then you will have to make compliance without any error in simulation even with sample but correct data and once 3 or 6 compliance done then you can proceed to get PCSID so now you will have to change your username and password as received with this PCSID generation for sending docs to ZATCA.
Note Simulation is just a TEST/Pre-Production instance and once you are fine in Simulation then repeat same steps for PROD. Hope it answers your questions/concerns. thanks

11

Thank you @Malik

Yes, my question is regarding both Simulation and Production, as I have completed the Sandbox phase. My question is: should I send SignedInvoice XML or CleanInvoice XML for Compliance Checks?

If the answer is SignedInvoice XML, how can I create SignedInvoice XML when we don’t have PCSID yet?

12

@eCloud
depending on the steps which you provided :
you have to use the key from step 3 as authentication when you send test invoices to the compliance Api ( use CCSID Binary Token and Secret for authorization ) and after pass you will be able to do step 5
you Can use the key from step 3 to sign the invoices

13

This means you had not watched my video I shared above in this topic. Please watch it again.

B2B is signed by ZATCA and will send back signed XML.
B2C you will local signe and will report to ZATCA.

First get compliance of 3 or 6 documents as per you setup then you can generate PCSID. As you must have done compliance in SANDBOX so do same way in simulation no idea where is confusion. thanks

thanks

14

Thank you to everyone involved in this discussion, your answers have been very helpful.

However, I still have not gained clarity about whether to send SignedInvoice or CleanInvoice to Compliance Check as a requirement to obtain PCSID.

From the responses above, it seems we need to send SignedInvoice.
However, my understanding is that we need a PCSID binaryToken to create a SignedInvoice.

I might be misunderstanding the process of creating a SignedInvoice.

What I understand about creating a SignedInvoice is: The element ds:X509Certificate must come from the Decoded Base64 PCSID BinaryToken obtained after Device Onboarding, not from the CCSID BinaryToken.
.

I have noticed some differences between how the Sandbox works and how Simulation and Production work. In the Sandbox, I do not need to perform Compliance Check first to proceed to Device Onboarding.

Honestly, I have not been able to try the Simulation yet, as I want to ensure my system is completely ready for testing in the simulation phase. I hope to learn a lot from this forum.

Thank you.

15

@eCloud
for the compliance you can use ccsid as a certificate just decode it and use it to pass the compliance steps and get the final certificate

1 Like
16

yes i generated SignedInvoice by using command :fatoora -sign -qr -invoice Standard_Invoice.xml -signedinvoice signed.xml

1 Like
17

Once again, thank you for your assistance, everyone.

I have tried creating a SignedInvoice using the certificate from CCSID, and it was accepted by Compliance Check.

My question has been answered.

image
image1060×807 37.5 KB

18

Salam @Malik
Can you please provide your video link. It will be a great help. I am new to this developer community and it has been quite useful.

How are these fields filled? Who provides this information?
csr.common.name=TST-886431145-399999999900003
csr.serial.number=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
csr.organization.identifier=399999999900003

Is it mandatory that Invoice, credit and debit notes must pass the compliance checks to get a production CSID? Because our software only has invoice and credit notes. We do not have debit notes. If anything is underpaid, we issue a new invoice with the balance amount.

19

Hi,
Here is the video link,

1 Like
20

Thank you @Malik for your video
I had a question about the csr.config file
csr.invoice.type=1100.
I understand that this means Simplified and standard tax invoice. But i need further details. What is the meaning of each digit? Where do I find it?
What does the 00 signify?

How do we get the data in these 3 fields?
csr.common.name=TST-886431145-399999999900003
csr.serial.number=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
csr.organization.identifier=399999999900003

21

The document type that the Taxpayer’s solution unit will be issuing/generating. It can be one or a combination of Standard Tax Invoice (T), Simplified Tax Invoice (S), (X), (Y). The input should be using the digits 0 & 1 and mapping those to “TSXY” where: 0 = False/Not supported 1= True/Supported (X) and (Y) are for future use and should be set to 0 by default for the time being. For example: 1000 would mean Solution will be generating Standard Invoices only. 0100 would mean Solution will be generating Simplified invoices (B2C) only and 1100 means Solution will be generating both Standard (B2B) and Simplified invoices (B2C).

B2B = 1000
B2C = 0100
BOTH = 1100