Sample code for 30+ languages & platforms
JavaScript

ZATCA Onboarding Get Compliance CSID

See more ZATCA Examples

Demonstrates sending a POST to get a compliance CSID, which is two parts: A binary security token, and a secret.
Note
This example is intended for running within a Chilkat.Js embedded JavaScript engine. All Chilkat JavaScript examples require Chilkat v11.4.0 or greater.
JavaScript
var success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// It is assumed you've already generated a CSR.
// Also, you'll need an OTP code, valid for 1 hour, which is generated online in the Fatoora portal.  See 
// https://zatca.gov.sa/ar/E-Invoicing/Introduction/Guidelines/Documents/E-invoicing%20Detailed%20Technical%20Guidelines.pdf

// Manually replace this with the OTP code you interactively obtained in a browser session from the Fatoora portal.
// The OTP code is valid for 1 hour.
var otp = "123434";

// You should already have a CSR in a file containing something that looks like this:

// -----BEGIN CERTIFICATE REQUEST-----
// MIIB5DCCAYsCAQAwTDELMAkGA1UEBhMCU0ExFTATBgNVBAsMDFJpeWFkIEJyYW5j
// aDEQMA4GA1UECgwHQ29udG9zbzEUMBIGA1UEAwwLRUExMjM0NTY3ODkwVjAQBgcq
// hkjOPQIBBgUrgQQACgNCAAQI6op+6GQ4Gmn9oy0DpGxX0lFtUIvj+4Jtnp0VyEsH
// +ZO7lpgksbRC484R3fAsO0v+Ly24ZIUIOYEIAeJ1f6AooIHfMIHcBgkqhkiG9w0B
// CQ4xgc4wgcswIQYJKwYBBAGCNxQCBBQTElpBVENBLUNvZGUtU2lnbmluZzCBpQYD
// VR0RBIGdMIGapIGXMIGUMTswOQYDVQQEDDIxLVRTVHwyLVRTVHwzLWVkMjJmMWQ4
// LWU2YTItMTExOC05YjU4LWQ5YThmMTFlNDQ1ZjEfMB0GCgmSJomT8ixkAQEMDzMx
// MDEyMjM5MzUwMDAwMzENMAsGA1UEDAwEMTEwMDESMBAGA1UEGgwJTXlBZGRyZXNz
// MREwDwYDVQQPDAhJbmR1c3RyeTAKBggqhkjOPQQDAgNHADBEAiBurm6KdAeHfXzt
// h/jk8xSMBP4TAkkFrg+hWDhfI0/SuAIgJi8ectM7YwBIBCmf0tdFcVTU7GBbvjnK
// xValZCAO39M=
// -----END CERTIFICATE REQUEST-----

var pem = new CkPem();
success = pem.LoadPemFile("c:/aaworkarea/zatca/onboarding/taxpayer.csr","");
if (success == false) {
    console.log(pem.LastErrorText);
    return;
}

// Get the base64 from the CSR in a single line.
var sbCsrBase64 = new CkStringBuilder();
sbCsrBase64.Append(pem.GetEncodedItem("csr","","base64",0));
var numReplaced = sbCsrBase64.Replace("\r","");
numReplaced = sbCsrBase64.Replace("\n","");
var csrBase64 = sbCsrBase64.GetAsString();
console.log(csrBase64);

var json = new CkJsonObject();
json.EmitCompact = false;
json.UpdateSb("csr",sbCsrBase64);

var http = new CkHttp();
http.Accept = "application/json";
http.SetRequestHeader("OTP",otp);
http.SetRequestHeader("Accept-Version","V2");
var resp = new CkHttpResponse();
success = http.HttpJson("POST","https://gw-apic-gov.gazt.gov.sa/e-invoicing/core/compliance",json,"application/json",resp);
if (success == false) {
    console.log(http.LastErrorText);
    return;
}

if (resp.StatusCode !== 200) {
    console.log(resp.BodyStr);
    console.log("response status code = " + resp.StatusCode);
    console.log("Failed");
    return;
}

var jsonResp = new CkJsonObject();
resp.GetBodyJson(jsonResp);

jsonResp.EmitCompact = false;
console.log("JSON response:");
console.log(jsonResp.Emit());