Best Practices

  • API Interface for Tax Payer Automated system - The tax payers enter invoice details in their automated system. Same data in the required format is sent to the e-Invoice “Generate IRN” API. The invoice gets registered and IRN is generated. This is sent to the taxpayers along with the digitally signed e-Invoice and QR Code which needs to be saved along with IRN and ACK Number. The tax payer's system prepares the invoice for print, which will have IRN and the QR Code embedded in it.
  • Store the response values – Post API methods responses with the ACK Number, ACK Date, IRN and Signed-Invoice. It is advised to the tax payers to store these values with the request record for future reference. Dependency in the future for these data from the GST system will be avoided.
  • Validate the JSON Schema and data before requesting – The JSON Schema and data validations are important components before generating the IRN. It is advised to the tax payers to get the request payload JSON validated as per the Schema given and data is validated as per the validation steps. This will ensure faster and better service to the end user.
  • Check the response status and act accordingly – Each API replies with the status and data or error. The tax payers require interface to handle them appropriately. If status is indicating as error and providing the error list, get the data modified/corrected at the user or system level and resubmit the request.
  • Don’t request for the token for every transaction - During the authentication process, the e-invoice system returns the token, SEK and expiry time of the token. It is advised to store these values in the tax payer’s system and use it for each transaction, rather than requesting for each transaction. It will speed up the process of completing the transaction faster and will avoid getting blocked the API service by the e-invoice system for this tax payer.
  • Re-generate the token before expiry – The authentication token, supplied by the e-invoice, is validate for 6 hours. It is advised to request for the new token just 10 minutes before the expiry of the token. It is advised to check the failed requests during that time, if any, and resubmit them again.
  • Don’t store e-invoice system’s SSL Certificate – The e-invoice system changes the SSL certificate regularly as per the security norms. It is advised to the tax payers not to store or hardcode SSL Certificate in their application for API interface.