• CS Ravi Bhushan Kumar | Past Chairman of Noida Chapter NIRC-ICSI
  • 9990339200 cs.ravibhushan@gmail.com
  1. Home
  2. Whatsnew
  3. e-Invoicing System for sandbox API interface (for testing) has been released

e-Invoicing System for sandbox API interface (for testing) has been released

21-Feb-2020 Posted by: Admin
e-Invoicing System for sandbox API interface (for testing) has been released on portal https://einv-apisandbox.nic.in.

E-invoice APIs are used to communicate and exchange the data between Taxpayers or GSP systems and the e-Invoice system. This section describes standards and formats which will be used to define API exposed by e-Invoice system. E-Invoice APIs are implemented as RESTful Web Services.

Following HTTP methods are used across the APIs
HTTP Method
GET To fetch data from e-Invoice system
POST To submit data to e-Invoice system
  • It is essential to get authenticated to make use of any API. For this, the user has to call the Authentication API and get a token. Subsequent calls to other APIs should carry this valid token. Details of the Authentication API are available under the API documentation.
  • Password and AppKey, during the authentication process, have to be encrypted using the public key, which will be provided by the e-Invoice system.
  • Successful authentication also provides Session Encryption Key(SEK). Subsequent request payloads should be encrypted using this key. Responses from e-Invoice system will be encrypted using this key. The payloads are encrypted using the symmetric algorithm.
  • The responses of some of the API calls like, “Generate - IRN”, “Get IRN Details” will have the complete e-Invoice and QR- Code data digitally signed using JSON Web Token (JWT) and JSON Web Signature (JWS) with “SHA256RSA” algorithm.
  • More information on above are available in the respective API documentation in this portal.

Authentication Token Request Process

                                   

Process flow for other services

                                        

Benefits

These APIs provide the following benefits to the Tax Payers and GST Suvidha Providers (GSP):
  • These provide seamless integration of ERP/Accounting system of the taxpayers with e-Invoice system.
  • The tax payer can record the IRN and ACK number, of registration of e-Invoice at GST System, on their system online.
  • This will avoid duplicate or double entry of invoice. Generally, the tax payers enter the sales details in their computerised system and generate the invoice. The same data can be passed on to the e-Invoicing system to generate the Invoice Registration Number (IRN).
  • This will eliminate the errors that can occur during data entry for e-Invoice.
  • One time entry of e-Invoice will act as an input for generation of E-Way Bill and the ANX-1 easily later.
  • E-Invoice system provides 24/7 self-help service.

Pre-requisites

To use the API interface, Tax payers and GSPs have to meet the following conditions:
  • Tax payers should have automated their invoice generation process.
  • GSPs/Taxpayers must ensure that traffic originating from their end and destination to e-Invoice system is free from viruses, malwares, intrusions, Bots/C&C threats etc. NIC will reserve the right to block/suspend the services of GSP/Taxpayers if malicious traffic impacting the e-Invoice system is detected.
  • GSPs/Taxpayers must adhere to all Government of India IT Security standards and regulatory requirements. GSP/Taxpayers must comply with IT Act 2000 (including 43A) and amendments thereof.
  • Tax payers as notified by the government are allowed to register the e-Invoice on the GST Portal. Please see the laws section on the e-Invoice portal for the category of the tax payers eligible for this purpose.
  • GSPs/Taxpayers should meet the security requirements as applicable for application and infrastructure as specified by CERT-In (http://www.cert-in.org.in/).
  • GSPs/Taxpayers must have provision for adequate bandwidth at their end for connecting to e-Invoice system.
  • Initially, the tax payers with annual turnover of 500 Crore and above, in their previous financial year, are allowed to get the access to the API credentials. Other tax payers may get access to the API credentials through GSPs.
  • Tax payers or GSPs system should have SSL or TSL (with minimum TLS 1.2) based domain name for interface.
  • Tax payers or GSPs will be allowed to access the production environment by whitelisting maximum up to 4 Indian Static IP addresses.
  • Tax payers or GSPs need to modify their automated system for data exchange with the e-Invoicing system as per the APIs.
  • It is recommended that GSPs/Taxpayers should also consider a backup connectivity to be provided from different service providers at their location.
  • Tax payers or GSPs should have pre-production system for testing.
  • Tax payers or GSPs need to test their modified system on the e-Invoice pre-production site with all types of activities/services.

On-boarding Process

  • GSPs/Taxpayers should preferably nominate a Project Manager and Technical SPOC, for overseeing all project related matters and issues.
  • GSPs or Taxpayers should have met the pre-requisite conditions, to get the access to production.
  • Once they have finished the testing of all APIs in pre-production environment, they have to file their complete test results in the Test Summary Report, as provided in the sandbox test environment.
  • GSPs/Taxpayers must have their application and infrastructure audited for compliance and submit the artefact /report to the NIC e-Invoice team for validation.
  • They have to complete all the formalities like white listing of up to 4 Indian static IP addresses.
  • Access to e-Invoice system shall be provided on evaluation and confirmation of the Audit reports/artifacts of compliance.
  • GSPs/Taxpayers can reach the e-Invoice system through internet initially. However, subsequently they would access the e-Invoice system through MLPS links provisioned by GSTIN. A cut-off date for the same would be informed in due course of time.
  • The users have to separately create credentials for the production environment by visiting the production e-Invoicing self-help portal.
  • If the taxpayers have multiple tax payer registrations (GSTINs) with same PAN, then they can use same client-id and client-secret of their main business place. However, they have to create separate user name and password credentials for each registration/GSTIN in e-Invoice system.
  • Taxpayers who wish to use the APIs through GSP have to opt for the GSP in the portal and create their own user name and password.

Documents Required

  • Contact details of Project Manager and Technical SPOC.
  • 4 Indian Public Static IPs (maximum) for whitelisting at NIC end.
  • Report on application and infrastructure, including API interface, audited by CERT-In agency, for Security compliance and supporting artifact/report.
  • The artifacts of the successful test on sandbox testing.
Procedure:
  • E-invoice trial website is released in http://einvoice1-trial.nic.in.  Bulk upload facility can be used here for e-Invoice IRN generation.
  • Login has been enabled for registration and testing the APIs.
  • After logging in, one can see the end points for the APIs in sandbox.
  • Schemas, Request and Response payloads have been updated.
  • API credentials and Resource sections have been updated.
  • From 1st Jan 2020, the tax payers with annual turnover of Rs. 500 Crore and above, in their previous financial year, will be allowed to get the access to the API credentials. Other tax payers may get access to the API credentials through GSPs.
  • Click on the "Login" button to register for API Testing.

Click here to read Frequently Asked Questions

Search What's New By Date
What's New as on
Latest Blogs
Tag Cloud