Sample code for 30+ languages & platforms
Tcl

ZATCA Onboarding Get Compliance CSID

See more ZATCA Examples

Demonstrates sending a POST to get a compliance CSID, which is two parts: A binary security token, and a secret.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# It is assumed you've already generated a CSR.
# Also, you'll need an OTP code, valid for 1 hour, which is generated online in the Fatoora portal.  See 
# https://zatca.gov.sa/ar/E-Invoicing/Introduction/Guidelines/Documents/E-invoicing%20Detailed%20Technical%20Guidelines.pdf

# Manually replace this with the OTP code you interactively obtained in a browser session from the Fatoora portal.
# The OTP code is valid for 1 hour.
set otp "123434"

# You should already have a CSR in a file containing something that looks like this:

# -----BEGIN CERTIFICATE REQUEST-----
# MIIB5DCCAYsCAQAwTDELMAkGA1UEBhMCU0ExFTATBgNVBAsMDFJpeWFkIEJyYW5j
# aDEQMA4GA1UECgwHQ29udG9zbzEUMBIGA1UEAwwLRUExMjM0NTY3ODkwVjAQBgcq
# hkjOPQIBBgUrgQQACgNCAAQI6op+6GQ4Gmn9oy0DpGxX0lFtUIvj+4Jtnp0VyEsH
# +ZO7lpgksbRC484R3fAsO0v+Ly24ZIUIOYEIAeJ1f6AooIHfMIHcBgkqhkiG9w0B
# CQ4xgc4wgcswIQYJKwYBBAGCNxQCBBQTElpBVENBLUNvZGUtU2lnbmluZzCBpQYD
# VR0RBIGdMIGapIGXMIGUMTswOQYDVQQEDDIxLVRTVHwyLVRTVHwzLWVkMjJmMWQ4
# LWU2YTItMTExOC05YjU4LWQ5YThmMTFlNDQ1ZjEfMB0GCgmSJomT8ixkAQEMDzMx
# MDEyMjM5MzUwMDAwMzENMAsGA1UEDAwEMTEwMDESMBAGA1UEGgwJTXlBZGRyZXNz
# MREwDwYDVQQPDAhJbmR1c3RyeTAKBggqhkjOPQQDAgNHADBEAiBurm6KdAeHfXzt
# h/jk8xSMBP4TAkkFrg+hWDhfI0/SuAIgJi8ectM7YwBIBCmf0tdFcVTU7GBbvjnK
# xValZCAO39M=
# -----END CERTIFICATE REQUEST-----

set pem [new_CkPem]

set success [CkPem_LoadPemFile $pem "c:/aaworkarea/zatca/onboarding/taxpayer.csr" ""]
if {$success == 0} then {
    puts [CkPem_lastErrorText $pem]
    delete_CkPem $pem
    exit
}

# Get the base64 from the CSR in a single line.
set sbCsrBase64 [new_CkStringBuilder]

CkStringBuilder_Append $sbCsrBase64 [CkPem_getEncodedItem $pem "csr" "" "base64" 0]
set numReplaced [CkStringBuilder_Replace $sbCsrBase64 "\r" ""]
set numReplaced [CkStringBuilder_Replace $sbCsrBase64 "\n" ""]
set csrBase64 [CkStringBuilder_getAsString $sbCsrBase64]
puts "$csrBase64"

set json [new_CkJsonObject]

CkJsonObject_put_EmitCompact $json 0
CkJsonObject_UpdateSb $json "csr" $sbCsrBase64

set http [new_CkHttp]

CkHttp_put_Accept $http "application/json"
CkHttp_SetRequestHeader $http "OTP" $otp
CkHttp_SetRequestHeader $http "Accept-Version" "V2"
set resp [new_CkHttpResponse]

set success [CkHttp_HttpJson $http "POST" "https://gw-apic-gov.gazt.gov.sa/e-invoicing/core/compliance" $json "application/json" $resp]
if {$success == 0} then {
    puts [CkHttp_lastErrorText $http]
    delete_CkPem $pem
    delete_CkStringBuilder $sbCsrBase64
    delete_CkJsonObject $json
    delete_CkHttp $http
    delete_CkHttpResponse $resp
    exit
}

if {[CkHttpResponse_get_StatusCode $resp] != 200} then {
    puts [CkHttpResponse_bodyStr $resp]
    puts "response status code = [CkHttpResponse_get_StatusCode $resp]"
    puts "Failed"
    delete_CkPem $pem
    delete_CkStringBuilder $sbCsrBase64
    delete_CkJsonObject $json
    delete_CkHttp $http
    delete_CkHttpResponse $resp
    exit
}

set jsonResp [new_CkJsonObject]

CkHttpResponse_GetBodyJson $resp $jsonResp

CkJsonObject_put_EmitCompact $jsonResp 0
puts "JSON response:"
puts [CkJsonObject_emit $jsonResp]

delete_CkPem $pem
delete_CkStringBuilder $sbCsrBase64
delete_CkJsonObject $json
delete_CkHttp $http
delete_CkHttpResponse $resp
delete_CkJsonObject $jsonResp