Sample code for 30+ languages & platforms
SQL Server

ZATCA Onboarding Get Compliance CSID

See more ZATCA Examples

Demonstrates sending a POST to get a compliance CSID, which is two parts: A binary security token, and a secret.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    -- It is assumed you've already generated a CSR.
    -- Also, you'll need an OTP code, valid for 1 hour, which is generated online in the Fatoora portal.  See 
    -- https://zatca.gov.sa/ar/E-Invoicing/Introduction/Guidelines/Documents/E-invoicing%20Detailed%20Technical%20Guidelines.pdf

    -- Manually replace this with the OTP code you interactively obtained in a browser session from the Fatoora portal.
    -- The OTP code is valid for 1 hour.
    DECLARE @otp nvarchar(4000)
    SELECT @otp = '123434'

    -- You should already have a CSR in a file containing something that looks like this:

    -- -----BEGIN CERTIFICATE REQUEST-----
    -- MIIB5DCCAYsCAQAwTDELMAkGA1UEBhMCU0ExFTATBgNVBAsMDFJpeWFkIEJyYW5j
    -- aDEQMA4GA1UECgwHQ29udG9zbzEUMBIGA1UEAwwLRUExMjM0NTY3ODkwVjAQBgcq
    -- hkjOPQIBBgUrgQQACgNCAAQI6op+6GQ4Gmn9oy0DpGxX0lFtUIvj+4Jtnp0VyEsH
    -- +ZO7lpgksbRC484R3fAsO0v+Ly24ZIUIOYEIAeJ1f6AooIHfMIHcBgkqhkiG9w0B
    -- CQ4xgc4wgcswIQYJKwYBBAGCNxQCBBQTElpBVENBLUNvZGUtU2lnbmluZzCBpQYD
    -- VR0RBIGdMIGapIGXMIGUMTswOQYDVQQEDDIxLVRTVHwyLVRTVHwzLWVkMjJmMWQ4
    -- LWU2YTItMTExOC05YjU4LWQ5YThmMTFlNDQ1ZjEfMB0GCgmSJomT8ixkAQEMDzMx
    -- MDEyMjM5MzUwMDAwMzENMAsGA1UEDAwEMTEwMDESMBAGA1UEGgwJTXlBZGRyZXNz
    -- MREwDwYDVQQPDAhJbmR1c3RyeTAKBggqhkjOPQQDAgNHADBEAiBurm6KdAeHfXzt
    -- h/jk8xSMBP4TAkkFrg+hWDhfI0/SuAIgJi8ectM7YwBIBCmf0tdFcVTU7GBbvjnK
    -- xValZCAO39M=
    -- -----END CERTIFICATE REQUEST-----

    DECLARE @pem int
    EXEC @hr = sp_OACreate 'Chilkat.Pem', @pem OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    EXEC sp_OAMethod @pem, 'LoadPemFile', @success OUT, 'c:/aaworkarea/zatca/onboarding/taxpayer.csr', ''
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @pem, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pem
        RETURN
      END

    -- Get the base64 from the CSR in a single line.
    DECLARE @sbCsrBase64 int
    EXEC @hr = sp_OACreate 'Chilkat.StringBuilder', @sbCsrBase64 OUT

    EXEC sp_OAMethod @pem, 'GetEncodedItem', @sTmp0 OUT, 'csr', '', 'base64', 0
    EXEC sp_OAMethod @sbCsrBase64, 'Append', @success OUT, @sTmp0
    DECLARE @numReplaced int
    EXEC sp_OAMethod @sbCsrBase64, 'Replace', @numReplaced OUT, CHAR(13), ''
    EXEC sp_OAMethod @sbCsrBase64, 'Replace', @numReplaced OUT, CHAR(10), ''
    DECLARE @csrBase64 nvarchar(4000)
    EXEC sp_OAMethod @sbCsrBase64, 'GetAsString', @csrBase64 OUT

    PRINT @csrBase64

    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OASetProperty @json, 'EmitCompact', 0
    EXEC sp_OAMethod @json, 'UpdateSb', @success OUT, 'csr', @sbCsrBase64

    DECLARE @http int
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT

    EXEC sp_OASetProperty @http, 'Accept', 'application/json'
    EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'OTP', @otp
    EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'Accept-Version', 'V2'
    DECLARE @resp int
    EXEC @hr = sp_OACreate 'Chilkat.HttpResponse', @resp OUT

    EXEC sp_OAMethod @http, 'HttpJson', @success OUT, 'POST', 'https://gw-apic-gov.gazt.gov.sa/e-invoicing/core/compliance', @json, 'application/json', @resp
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @pem
        EXEC @hr = sp_OADestroy @sbCsrBase64
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @resp
        RETURN
      END

    EXEC sp_OAGetProperty @resp, 'StatusCode', @iTmp0 OUT
    IF @iTmp0 <> 200
      BEGIN
        EXEC sp_OAGetProperty @resp, 'BodyStr', @sTmp0 OUT
        PRINT @sTmp0

        EXEC sp_OAGetProperty @resp, 'StatusCode', @iTmp0 OUT
        PRINT 'response status code = ' + @iTmp0

        PRINT 'Failed'
        EXEC @hr = sp_OADestroy @pem
        EXEC @hr = sp_OADestroy @sbCsrBase64
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @http
        EXEC @hr = sp_OADestroy @resp
        RETURN
      END

    DECLARE @jsonResp int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonResp OUT

    EXEC sp_OAMethod @resp, 'GetBodyJson', @success OUT, @jsonResp

    EXEC sp_OASetProperty @jsonResp, 'EmitCompact', 0

    PRINT 'JSON response:'
    EXEC sp_OAMethod @jsonResp, 'Emit', @sTmp0 OUT
    PRINT @sTmp0

    EXEC @hr = sp_OADestroy @pem
    EXEC @hr = sp_OADestroy @sbCsrBase64
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @http
    EXEC @hr = sp_OADestroy @resp
    EXEC @hr = sp_OADestroy @jsonResp


END
GO