إسناد Esnad

ZATCA Phase 2 Compliant

For businesses in Saudi Arabia

The fastest way to integrate ZATCA compliance into any system.

Esnad sits between your system and ZATCA Fatoora. You send invoice data. We handle the XML, certificates, cryptographic signing, PIH chain, and QR code. Your customers get ZATCA-compliant invoices. You write zero ZATCA code.

No credit card required · Sandbox ready in 60 seconds · Data in AWS me-south-1 · Saudi Arabia

How It Works

01

Sign up & add your EGS unit

Create your account in 60 seconds. No Saudi government portal access needed. You give us your VAT number and business name.

02

Add your first EGS unit

We generate keys, build the CSR, run the ZATCA compliance flow, and get your production cert. You provide the OTP from Fatoora. Takes ~60 seconds.

03

Issue invoices via one API call

POST JSON to our API. We sign, submit to ZATCA, and return the cleared invoice with UUID and QR.

You only touch Fatoora portal once per year — to generate an OTP for certificate renewal. Everything else is us.

What We Handle

UBL 2.1 XML Generation

Saudi profile, all namespaces, correct field ordering

TLV QR Code (B2C)

9-tag binary, base64, max 700 chars — generated automatically

ECDSA Cryptographic Signing

secp256k1, DER-encoded, embedded in UBL extension

PIH Chain Maintenance

We maintain the Previous Invoice Hash across every invoice, per EGS unit

CSID Certificate Lifecycle

We alert 30/14/7/1 days before expiry. Renew in one API call.

Retry & Queue

ZATCA down? We queue and retry. B2C 24h window absorbs short outages. You always get a response.

B2B Clearance

Real-time sync with ZATCA. We hold until cleared before returning.

6-Year XML Archive

Signed XML stored encrypted in AWS S3. Download any time via API.

B2C Reporting

Issue first, we report to ZATCA within the required 24h window.

Webhooks

We POST to your URL when invoices are cleared or reported. HMAC-signed.

ZATCA updates & versioning

We track every ZATCA change. Your API contract stays the same — we absorb updates so you never go outdated.

PDF Download

Download any cleared invoice as PDF via API. No extra setup.

Default EGS per API Key

Set a default EGS unit on each API key so you can omit egs_unit_id in invoice requests.

Idempotent Invoice Creation

Send the same idempotency key and get the same invoice back — safe retries.

Rate Limits

Documented per-plan limits (req/min). No surprises.

Audit Log

Full audit trail of API and dashboard actions in your account.

Team & Invites

Invite team members to the dashboard. One account, multiple users.

Two-Factor Authentication

TOTP-based 2FA for dashboard login. Your keys stay secure.
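The "TLV QR Code (B2C)" item above describes a 9-tag binary payload that is base64-encoded and capped at 700 characters. The following strict decoder for checking such a payload on the receiving side is an added example, not Esnad's code. It assumes one-byte tag and length fields and tags in ascending order, keeps tags 6 to 9 as opaque bytes, uses field names that are this example's own labels, and runs on a constructed sample.

```javascript
// Added example, not Esnad's code. Assumes each field is: 1-byte tag, 1-byte length, value.
const TAGS = ['seller_name', 'vat_number', 'timestamp', 'invoice_total', 'vat_total',
  'invoice_hash', 'signature', 'public_key', 'cert_signature']; // labels for tags 1..9
const MAX_QR_CHARS = 700; // limit stated on this page

// fields: values for tags 1..N in order; strings are UTF-8 encoded, Buffers used as-is.
function encodeQr(fields) {
  const parts = fields.map((value, i) => {
    const v = Buffer.isBuffer(value) ? value : Buffer.from(value, 'utf8');
    if (v.length > 255) throw new RangeError(`tag ${i + 1}: value longer than 255 bytes`);
    return Buffer.concat([Buffer.from([i + 1, v.length]), v]);
  });
  return Buffer.concat(parts).toString('base64');
}

function decodeQr(b64) {
  if (b64.length > MAX_QR_CHARS) throw new RangeError('payload longer than 700 chars');
  if (b64.length % 4 !== 0 || !/^[A-Za-z0-9+/]*={0,2}$/.test(b64)) {
    throw new SyntaxError('payload is not padded base64');
  }
  const buf = Buffer.from(b64, 'base64');
  const out = {};
  let pos = 0;
  for (let tag = 1; tag <= TAGS.length; tag += 1) {
    if (pos + 2 > buf.length) throw new RangeError(`tag ${tag}: missing or truncated header`);
    if (buf[pos] !== tag) throw new SyntaxError(`expected tag ${tag}, found ${buf[pos]}`);
    const end = pos + 2 + buf[pos + 1];
    if (end > buf.length) throw new RangeError(`tag ${tag}: length runs past end of payload`);
    const value = buf.subarray(pos + 2, end);
    // Tags 1-5 are text; tags 6-9 are kept as opaque bytes (hex) in this example.
    out[TAGS[tag - 1]] = tag <= 5 ? value.toString('utf8') : value.toString('hex');
    pos = end;
  }
  if (pos !== buf.length) throw new SyntaxError('trailing bytes after tag 9');
  return out;
}

// Constructed sample: seller details from this page's request, filler bytes for tags 6-9.
const SAMPLE_QR = encodeQr(['Al Noor Trading', '310122393500003', '2026-01-15T10:30:00Z',
  '41.40', '5.40', Buffer.alloc(32, 0xa1), Buffer.alloc(64, 0xb2),
  Buffer.alloc(88, 0xc3), Buffer.alloc(64, 0xd4)]);
```

Lengths are counted in bytes, not characters, so an Arabic seller name takes roughly two bytes per letter against the one-byte length field.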

Always up to date with ZATCA

ZATCA changes requirements, error codes, and formats over time. Build directly and you risk constant rework. With Esnad, your API stays the same — we handle every update, data, and versioning. You get the complete solution; no one else.


Who Uses Esnad

POS Vendors

You built the POS. Now every merchant you serve needs ZATCA clearance. One API key per merchant. You manage all of them from one account.

→ Studio or Platform plan

Dev Agencies

Your Saudi client needs Phase 2 now. You have 2 weeks. Integrate once, ship to them. Sandbox ready in 60 seconds.

→ Business plan SAR 599/mo

Accounting Firms

You manage ZATCA for 30+ clients. One dashboard, one API key per client. Cert expiry alerts for all of them.

→ Studio plan SAR 1,299/mo

Your Data Stays in the Region

All invoice data, signed XML, and private keys are stored in AWS Middle East regions. No data leaves the GCC. Compliant with ZATCA data residency guidelines.

Signed XML

S3 — 6 yrs · Encrypted

Private Keys

Secrets Mgr · Never in DB

Invoice data

RDS MySQL · Encrypted

We issue our own invoices through Esnad. Every SAR you pay us is ZATCA-compliant.

Simple Pricing in SAR

14-day free trial on all plans. No credit card.

Solo

One business, own invoices only

SAR 249/mo

~$66

  • 300 inv/mo
  • 1 production, 2 sandbox EGS units

Business (most popular)

Small POS vendors & agencies

SAR 599/mo

~$160

  • 3,000 inv/mo
  • 3 production, 5 sandbox EGS units

Studio

Accounting firms & mid-size

SAR 1,299/mo

~$346

  • 10,000 inv/mo
  • 10 production, 15 sandbox EGS units

Platform

ERP / large POS, 50+ merchants

SAR 3,499/mo

~$933

  • 30,000 inv/mo
  • Up to 25 EGS units

FAQ

You register once on the Fatoora portal to generate a one-time OTP — that's it. You paste the OTP into Esnad when setting up an EGS unit, and we handle the full ZATCA registration flow: CSR generation with the required cryptographic keys, compliance CSID acquisition, the 3-invoice compliance check, and final production CSID. After that, the only time you interact with Fatoora directly is when your certificate expires (once a year) and you need to generate a new OTP for renewal. Everything else — invoice signing, submission, retries, XML archiving — is handled by Esnad automatically.

We never fail your API call just because ZATCA is temporarily unavailable. For B2B (Standard) invoices, we queue the submission and retry with exponential backoff — ZATCA usually recovers within minutes and your invoice gets cleared without any action on your part. For B2C (Simplified) invoices, ZATCA's rules give you a 24-hour reporting window, so short outages are completely absorbed. Our load balancer uses a separate liveness endpoint that doesn't depend on ZATCA, so the Esnad API stays healthy and accepting requests even during ZATCA incidents. You'll see invoice status as "queued" during an outage and "reported" or "cleared" once ZATCA is back.

Standard Tax Invoices (B2B — business to business) require real-time clearance: ZATCA must approve the invoice before you can send it to your buyer. We submit to ZATCA synchronously and only return the response to you after clearance is confirmed. This means your API call blocks until ZATCA responds — typically within a few seconds. Simplified Tax Invoices (B2C — business to consumer, like retail or restaurants) work differently: you issue the invoice first, then ZATCA requires you to report it within 24 hours. We handle the reporting automatically and return the QR code to you immediately so your customer can receive their receipt without waiting.

Usually 60–90 seconds. You provide a unit name, invoice type (B2B, B2C, or both), and the OTP from the Fatoora portal. We generate the ECDSA key pair, build the CSR with ZATCA-required fields, submit to ZATCA's compliance endpoint, run the three mandatory compliance test invoices, and exchange for a production certificate — all automatically. The process is async and you poll a status endpoint until it shows "active." The OTP from Fatoora expires in about 5 minutes, so make sure to use it promptly after generating it.

Your invoice data and signed XML are stored in AWS me-south-1 (Bahrain) or me-central-1 (UAE). Both are Middle East regions with no data leaving the GCC. Private keys are stored in AWS Secrets Manager in the same region, never in the database, and never logged. Signed XML is encrypted at rest in S3 and retained for 6 years per ZATCA's archiving requirements. We do not transfer your data to servers outside the Middle East region. We also issue our own subscription invoices through Esnad — so our own billing is ZATCA-compliant and stored under the same data residency rules.


One API call

The fastest way to integrate ZATCA compliance into any system — without ZATCA boilerplate.

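// Generate the key once per invoice and store it with the invoice record;
// a retry must resend the same key so that it returns the same invoice.
const idempotencyKey = crypto.randomUUID();

const response = await fetch('https://api.esnadapi.com/v1/invoices/simplified', {
  method: 'POST',
  headers: {
    // Placeholder API key; keep the real one in server-side configuration.
    'Authorization': 'Bearer zatca_live_xxxxxxxxxxxx',
    'Idempotency-Key': idempotencyKey,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    egs_unit_id: 'egs_abc123',
    invoice_number: 'INV-2026-001',
    invoice_date: '2026-01-15',
    seller: { name: 'Al Noor Trading', vat_number: '310122393500003' },
    line_items: [{ description: 'Cappuccino', quantity: 2, unit_price: 18.00, vat_category: 'S' }],
    currency: 'SAR'
  })
});
// Do not treat an error body as an issued invoice.
if (!response.ok) throw new Error(`Invoice request failed: HTTP ${response.status}`);
const data = await response.json();
// data.uuid, data.qr_code, data.status === 'reported'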
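
The call above combined with the "Idempotent Invoice Creation" feature, as an added example that is not Esnad's client code: a retry wrapper that resends the same Idempotency-Key on every attempt, so a timed-out request cannot produce a second invoice. The function name, the retry policy (429 and 5xx treated as transient, other 4xx as final) and the backoff values are assumptions, not documented behaviour.

```javascript
// Added example, not Esnad's client code. Retry policy and status handling are assumptions.
const ENDPOINT = 'https://api.esnadapi.com/v1/invoices/simplified'; // URL from this page

// idempotencyKey: generated once per invoice by the caller and stored with it.
// fetchImpl and sleep are injectable so the function can be exercised offline.
async function submitInvoice(invoice, idempotencyKey, apiKey, {
  fetchImpl = fetch,
  sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms)),
  maxAttempts = 4,
  baseDelayMs = 500,
} = {}) {
  let lastError;
  for (let attempt = 1; attempt <= maxAttempts; attempt += 1) {
    try {
      const res = await fetchImpl(ENDPOINT, {
        method: 'POST',
        headers: {
          Authorization: `Bearer ${apiKey}`,
          'Idempotency-Key': idempotencyKey, // identical on every attempt
          'Content-Type': 'application/json',
        },
        body: JSON.stringify(invoice),
      });
      if (res.ok) return res.json();
      // Assumed policy: 429 and 5xx are transient; other 4xx will not succeed on retry.
      if (res.status !== 429 && res.status < 500) {
        throw Object.assign(new Error(`rejected: HTTP ${res.status}`), { permanent: true });
      }
      lastError = new Error(`transient: HTTP ${res.status}`);
    } catch (err) {
      if (err.permanent) throw err;
      lastError = err; // network failure: outcome unknown, so retry with the same key
    }
    // Exponential backoff between attempts: 500 ms, 1 s, 2 s with the defaults.
    if (attempt < maxAttempts) await sleep(baseDelayMs * 2 ** (attempt - 1));
  }
  throw lastError;
}
```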

Full API documentation

Flow & integration, API reference, invoices, EGS, webhooks, and rate limits — all on our docs site.

Open docs.esnadapi.com →

Start Issuing ZATCA-Compliant Invoices Today

14-day free trial · 10 live invoices · No credit card

Questions? support@esnadapi.com · WhatsApp for Arabic support