e-Invoice API Best Practices

API Interface for the Taxpayer's Automated System:

Taxpayers enter invoice details in their automated system. The same data, in the required format, is sent to the e-Invoice “Generate IRN” API. The invoice is registered and an IRN is generated. The IRN is sent to the taxpayer along with the digitally signed e-Invoice and QR Code, which must be saved along with the IRN and ACK Number. The taxpayer’s system then prepares the invoice for print, with the IRN and the QR Code embedded in it.

Store the response values:

  • GSPs, ERPs, ECOs, and notified taxpayers must register on the sandbox portal to get the Client Id and Client Secret. To do so, they click the login link on the ‘API sandbox portal’ and then click the Register button.
  • The system then asks them to choose the GSP, ERP, ECO or Taxpayer category and enter the PAN or GSTIN, along with the registered mobile number and email id used while registering for GSP or GSTIN on the GST Common Portal.
  • After verifying these details and the OTP sent to the registered mobile number, the system generates the Client Id and Client Secret and sends them to the registered mobile number.
  • A taxpayer can directly create the username and password for their GSTIN.
  • A GSP can generate dummy GSTINs based on the state and PAN and create the username and password for these GSTINs. GSPs can generate multiple usernames and passwords for the same PAN with different states.
  • These credentials can be used directly for API testing. They can also be used to log in to the API developer application to understand the API interface steps and verification.

Validate the JSON Schema and data before requesting:

JSON Schema validation and data validation are important steps before generating the IRN. Taxpayers are advised to validate the request payload JSON against the given Schema and to validate the data as per the validation steps. This ensures faster and better service to the end-user.

Check the response status and act accordingly:

Each API replies with a status and either data or an error. The taxpayer's system needs an interface to handle each of these appropriately. If the status indicates an error and provides the error list, get the data modified/corrected at the user or system level and resubmit the request.

Don't request the token for every transaction:

During the authentication process, the e-invoice system returns the token, the SEK and the expiry time of the token. It is advised to store these values in the taxpayer’s system and reuse them rather than requesting a new token for each transaction. This speeds up transactions and avoids the taxpayer being blocked from the API service by the e-invoice system.

Re-generate the token before expiry:

The authentication token supplied by the e-invoice system is valid for 6 hours. It is advised to request the new token just 10 minutes before the token’s expiry. It is also advised to check for any requests that failed during that time and resubmit them.
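
The two practices above (reuse the stored token, SEK and expiry; renew 10 minutes before expiry) can be combined in one small cache. This Python example is added here and is not code from the e-invoice system or its documentation; `Session`, `TokenCache` and the `authenticate` callable are hypothetical names, with `authenticate` standing in for the taxpayer system's own call to the authentication API.

```python
import threading
import time
from dataclasses import dataclass, field
from typing import Callable, Optional

TOKEN_LIFETIME_S = 6 * 60 * 60   # page: the token is valid for 6 hours
REFRESH_MARGIN_S = 10 * 60       # page: request a new token 10 minutes before expiry

@dataclass(frozen=True)
class Session:
    token: str = field(repr=False)   # repr=False keeps secrets out of logs and tracebacks
    sek: bytes = field(repr=False)
    expires_at: float                # epoch seconds, taken from the auth response

class TokenCache:
    """Reuse one session; re-authenticate only inside the refresh margin."""
    def __init__(self, authenticate: Callable[[], Session],
                 clock: Callable[[], float] = time.time):
        self._authenticate = authenticate   # hypothetical wrapper around the auth API
        self._clock = clock
        self._lock = threading.Lock()       # only one thread refreshes at a time
        self._session: Optional[Session] = None
        self.auth_calls = 0

    def get(self) -> Session:
        with self._lock:
            s = self._session
            if s is None or self._clock() >= s.expires_at - REFRESH_MARGIN_S:
                s = self._session = self._authenticate()
                self.auth_calls += 1
            return s

    def invalidate(self) -> None:
        """Call when the API rejects the token, then resubmit the failed request."""
        with self._lock:
            self._session = None

if __name__ == "__main__":
    # Constructed stand-in for the real authentication call (assumption).
    def fake_auth() -> Session:
        return Session("constructed-token", b"constructed-sek", time.time() + TOKEN_LIFETIME_S)
    cache = TokenCache(fake_auth)
    for _ in range(1000):
        cache.get()
    print("auth calls for 1000 transactions:", cache.auth_calls)
```

A request that fails around the renewal window can call `invalidate()` followed by `get()` before it is resubmitted.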

Don't store the e-invoice system's SSL Certificate:

The e-invoice system changes its SSL certificate regularly as per the security norms. Taxpayers are advised not to store or hardcode the SSL Certificate in their application for the API interface.