the certificate used to sign invoice in sdk is binarySecurityToken in response of create PCSID?
and private for sign invoice in sdk is the private key used to create csr
Yes, For Reporting invoices (B2C), you should use the returned Binary Security Token and secret from the PCSID API, and the private key generated with CSR.
and for Clearance invoices (B2B) ZATCA will handle the signing, and you should provide the cleared invoice from ZATCA to the customer.
Regarding the Binary Security Token and secret from the Compliance CSID API (initial certificate), it will be used for submitting the invoices to a compliance check only in order to generate the PCSID.
Greetings, I have a related question , As mentioned the certificate to be used is the returned value from Production CSID but to reach this step i have to pass the compliance check step where i have to submit three simplified invoices normal , credit and debit notes… so to create these 3 invoices and make sure they are complying we have to sign them … my question is what certificate should be used to sign these three simplified invoices for compliance check purposes… Am I correct ?