Nieprawidłowe żądanie w KSeF

Nieprawidłowe żądanie w KSeF
xoree
  • Rejestracja: dni
  • Ostatnio: dni
  • Lokalizacja: Poraj
  • Postów: 57
0

Innymi słowy, trzeba się wstrzymać do czasu wydawania certyfikatów KSeF — to nastąpi od 1 listopada 2025 roku. Wtedy będziemy wiedzieli, jak to mniej więcej będzie działać. Natomiast osoby posiadające podpis cyfrowy (kwalifikowany) mogą już teraz testować logowanie i integrację z systemem KSeF na środowisku testowym.

In other words, it’s best to wait until KSeF certificates start being issued — this will happen on November 1, 2025. At that point, we’ll have a better understanding of how the system will work. However, individuals who already have a digital signature (qualified) can test logging in and integrating with the KSeF system in the test environment.

Examples with “In my opinion” :

Kopiuj
curl -X POST "https://ksef-demo.mf.gov.pl/api/online/Session/InitToken" \
  --cert ./cert.pem \
  --key ./key.pem \
  -H "Content-Type: application/json" \
  -d '{
    "contextIdentifier": {
      "type": "onip",
      "identifier": "57718769xx"
    },
    "token": "TwójTokenZakodowanyBase64"
  }'

Or:

Kopiuj
curl -X POST "https://ksef-demo.mf.gov.pl/api/online/Session/InitToken" \
  --cert-type P12 \
  --cert ./certyfikat.pfx:mopass \
  -H "Content-Type: application/json" \
  -d '{
    "contextIdentifier": {
      "type": "onip",
      "identifier": "57718769xx"
    },
    "token": "TwójTokenZakodowanyBase64"
  }'
S9
  • Rejestracja: dni
  • Ostatnio: dni
  • Postów: 2
0

Hi,

We are trying to integrate with the ksef v2 APIs using Token based auth. As of now, I can get the auth challenge, and send the authentication request to (ksef-test.mf.gov.pl/api/v2/auth/ksef-token) by encrypting <Ksef_non-expiring_token>|<unix_timestamp_from_challenge> using the .pem previously generated using "OaepSHA256" algorithm. However, when I try to get the auth status using the API (/api/v2/auth/{referenceNumber}), I get the following respone: {"startDate":"2025-11-03T13:02:18.0134958+00:00","authenticationMethod":"Token","status":{"code":450,"description":"Uwierzytelnianie zakonczone niepowodzeniem z powodu blednego tokenu","details":["Invalid token encryption."]}}.

Can you please help me with what could be the issue ? I am assuming the previously generated non-expiring ksef token and the .pem (used for v1) should work ? If not, where can I generate new ones from ?

Thanks a ton!
@xoree could you please help me with this one

xoree
  • Rejestracja: dni
  • Ostatnio: dni
  • Lokalizacja: Poraj
  • Postów: 57
0

Have you reviewed https://ksef-demo.mf.gov.pl/docs/v2/index.html and https://github.com/CIRFMF/ksef-docs From what I understand, you are mixing up the token-based authentication mechanism with the certificate-based one. The authentication process is different.

At the moment, there are only two available methods, and a third one — authentication using the official KSeF certificate — is planned. As far as I know, there are currently no endpoints available for verification via the KSeF certificate.

S9
  • Rejestracja: dni
  • Ostatnio: dni
  • Postów: 2
0
xoree napisał(a):

Have you reviewed https://ksef-demo.mf.gov.pl/docs/v2/index.html and https://github.com/CIRFMF/ksef-docs From what I understand, you are mixing up the token-based authentication mechanism with the certificate-based one. The authentication process is different.

At the moment, there are only two available methods, and a third one — authentication using the official KSeF certificate — is planned. As far as I know, there are currently no endpoints available for verification via the KSeF certificate.

Yes, I did check the doc. I am using https://github.com/CIRFMF/ksef-docs/blob/main/uwierzytelnianie.md#22-uwierzytelnianie-tokenem-ksef the token based auth. The readme tells that the <kseftoken>|<unix_timestamp> should be encrypted with the public key (I think it is the .pem file we generated from ksef portal during v1 integration). Is that correct? Please correct my understanding

Thanks

xoree
  • Rejestracja: dni
  • Ostatnio: dni
  • Lokalizacja: Poraj
  • Postów: 57
0

There is a new version: https://github.com/bsdnetpl/KSeFClient

Zarejestruj się i dołącz do największej społeczności programistów w Polsce.

Otrzymaj wsparcie, dziel się wiedzą i rozwijaj swoje umiejętności z najlepszymi.