e-Invoice API Credentials
- E-Invoice API has two sets of credentials – Client Id and Client Secret, and User Id and Password.
- Client Id and Client Secret are provided to the Service Providers like GSPs, ERPs and ECOs(E-Commerce Operators).
- If the taxpayer wants to access the API directly, as notified by the NIC IRP for the category of taxpayers, then he will get Client Id and Client Secret. The Client Id and Client Secret, provided to the taxpayer, can be used for GSTINs of his PAN India. The Client Id and Client Secret can be used by the notified taxpayer for all his sister concerned GSTINs, which have the same PAN.
- Each taxpayer creates a username and Password for his GSTIN to generate IRNs.
e-Invoice API Credentials for SANDBOX
- GSPs, ERPs, ECOs, and notified taxpayers to register on the sandbox portal to get the Client Id and Client Secret. They have to click the login link on the ‘API sandbox portal’ and click the Register button.
- Here, the system requests to choose the GSP, ERP, ECO or Taxpayer category and enter PAN or GSTIN. Also, the registered mobile number and email id used while registering for GSP or GSTIN on GST Common Portal.
- After verifying these details and the OTP sent to the registered mobile number, the system generates the Client Id and Client Secret and sends them to the registered mobile number.
- In the taxpayer’s case, he can directly create the username and Password for his GSTIN.
- In GSP, he can generate the dummy GSTINs based on the state and PAN and create the username and Password for these GTINs. GSPs can generate multiple user names and passwords for the same PAN with different states.
- Can use these credentials directly for API testing. And also, can use these credentials to log in to the API developer application to understand the process of API interface steps and verification.
API Credentials for Production
- GSPs and notified taxpayers, who are already accessing the E-way Bill APIs on production, can use the same client ID, client secret, and Username and Password for e-invoice APIs.
- GSPs, who do not have the API credentials in E-way Bill System, will be provided the credentials after completing the onboarding process.
- As GSPs are service providers, I wouldn’t provide them with the username and password credentials.
- ERPs, ECOs and Taxpayers will log in to the einvoice1 portal and request the Client credentials by submitting four static IPs and a summary test report.
- After scrutiny and verification of the report and whitelisting, the taxpayers will be intimated, and they can get the Client Credentials through a portal.
- Notified taxpayers can create the username and password credentials on the e-invoice production portal after logging into the system. This option is available in user management, and it will happen after OTP authentication.
- Suppose the sister concern of the notified taxpayer is having access to the API system. In that case, he can connect through them by registering with that company while creating the username and Password.
- If they are not accessing the API directly and want to connect through GSP or ERP, the notified taxpayer can choose the GSPs or ERPs through whom they want to connect to the API system while creating the username and Password.
- These user credentials have to be used to access the e-invoice system for generating the IRN directly from the taxpayer’s system.
Important Points
- The taxpayer who has registered for the API system should not share the username and Password with his service provider.
- If the taxpayer wants, he can create a username and Password with multiple GSPs or ERPs. May note that the username and Password will differ with each GSP/ERP.
- He has to use the user credentials created with the GSP/ERP while requesting IRN through that GSP/ERP. He can interchange and use these ‘user credentials’ or ‘Auth Token’ between GSPs/ERPs.
- Tax Payer can freeze/block the user credentials created with any GSP/ERP if not want to continue.
- Tax Payer can also change the Password of the user credentials whenever required.
- The taxpayer is supposed to generate the IRN request from his system and send it to the service provider (GSP/ERP).
- The service provider(GSP/ERP) is not supposed to store the request and response of the taxpayers in his system.