Croatian Fiscalization setup

Prerequisites

There is a setup involved before we can start taking advantage of this functionality.

TIP: Since this is usually a one time process we also provide a visual step-by-step tool (wizard if you will 🧙‍♂️) that can take you through the whole process of setting up all required configuration for fiscalization for a organization.

Certificate

To enable fiscalization one of the first steps is to acquire a certificate from the Croatian Financial office (FINA), the certificate and passphrase can then be uploaded to Space Invoices and is required to register business premises and fiscalize invoices.

NOTE: A test certificate can be acquired from FINA and used with Space Invoices to create a test integration before going live. See the certificate section for more details.

Account configuration

First name, last name and tax number (if available) of the responsible person or person issuing the documents must be provided on the account that is creating documents.

For automatically generated documents it is recommended that users specify the company's responsible person ie. CEO's information. In case documents are issued manually then it is recommended to create an account for each person and adding their data.

Space Invoices will throw a validation error if this data is not provided. Please see the Account documentation for details.

A legal act must be created and stored by the issuing organization. Please see the FINA website for example of one created based on their recommendations. The document is required by law and contains information about how documents are numbered.

To fully form this document a decision must be made about business premises and electronic devices, this step is a good point to do so.

Upload a Certificate

If we perform multiple uploads the last certificate will be kept and the previous ones deleted.

The certificate's password is symmetrically encrypted with our own strong secret key and a per-password random generated unique strong key to ensure brute force protection and maximum security. Our key, the certificate and the password are all stored in separate locations with limited personel access.

NOTE: A test certificate can also be uploaded, take care to set the right (test) environment for the fiscalization configuration based on the type of uploaded certificate.

      
        const response = await fetch('https://api.spaceinvoices.com/v1/organizations/{id}/upload-certificate?type=furs', {
  method: 'POST',
  headers: {
    "Authorization": "ACCESS_TOKEN",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    "passhphrase": "",
    "certificate": "",
    "provider": "fina"
  })
});      
    

Your access token is displayed in examples.

Prerequisite: npm install node-fetch

        
          curl -X POST 'https://api.spaceinvoices.com/v1/organizations/{id}/upload-certificate?type=furs' \
  -H 'Authorization: ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "passhphrase": "",
    "certificate": "",
    "provider": "fina"
  }'        
      

Your access token displayed in examples.

        
          import requests
url = "https://api.spaceinvoices.com/v1/organizations/{id}/upload-certificate?type=furs"
headers = {
  'Authorization': 'ACCESS_TOKEN',
  'Content-Type': 'application/json'
}
payload = {
  'passhphrase': '',
  'certificate': '',
  'provider': 'fina'
}
response = requests.post(url, json=payload, headers=headers)        
      

Your access token displayed in examples.

Add a Business Premise

Before adding a Business Premise on Space Invoices, please make sure to add it on the FINA's website first and make note of the Business Premise ID as it needs to match.

Business premieses must have unique identifier (name) set for businessPremiseId value.

      
        const response = await fetch('https://api.spaceinvoices.com/v1/organizations/{id}/BusenessPremises', {
  method: 'POST',
  headers: {
    "Authorization": "ACCESS_TOKEN",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    "busienssPremiseId": "P1",
    "type": "realestate",
    "provider": "fina"
  })
});      
    

Your access token is displayed in examples.

Prerequisite: npm install node-fetch

        
          curl -X POST 'https://api.spaceinvoices.com/v1/organizations/{id}/BusenessPremises' \
  -H 'Authorization: ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "busienssPremiseId": "P1",
    "type": "realestate",
    "provider": "fina"
  }'        
      

Your access token displayed in examples.

        
          import requests
url = "https://api.spaceinvoices.com/v1/organizations/{id}/BusenessPremises"
headers = {
  'Authorization': 'ACCESS_TOKEN',
  'Content-Type': 'application/json'
}
payload = {
  'busienssPremiseId': 'P1',
  'type': 'realestate',
  'provider': 'fina'
}
response = requests.post(url, json=payload, headers=headers)        
      

Your access token displayed in examples.

Add an Electronic Device

An electronic device belongs to a business premise and must have a unique identifier (name) set for electronicDeviceId value. The value only has to be unique in the given business premise the device is related to.

      
        const response = await fetch('https://api.spaceinvoices.com/v1/BusinessPremises/{id}/ElectronicDevices', {
  method: 'POST',
  headers: {
    "Authorization": "ACCESS_TOKEN",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    "electronicDeviceId": "D1",
    "provider": "fina"
  })
});      
    

Your access token is displayed in examples.

Prerequisite: npm install node-fetch

        
          curl -X POST 'https://api.spaceinvoices.com/v1/BusinessPremises/{id}/ElectronicDevices' \
  -H 'Authorization: ACCESS_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "electronicDeviceId": "D1",
    "provider": "fina"
  }'        
      

Your access token displayed in examples.

        
          import requests
url = "https://api.spaceinvoices.com/v1/BusinessPremises/{id}/ElectronicDevices"
headers = {
  'Authorization': 'ACCESS_TOKEN',
  'Content-Type': 'application/json'
}
payload = {
  'electronicDeviceId': 'D1',
  'provider': 'fina'
}
response = requests.post(url, json=payload, headers=headers)        
      

Your access token displayed in examples.

Go live

Once all the above steps are complete we are ready to enable fiscalization.

NOTE: While we validate steps for fiscalization configuration, there are certain parts of the process, like the creation of the legal act, acquisition of a valid certificate, correct business premise and electronic device setup, that we do not control and is thus left to the users to ensure is correct before going live.

To enable fiscalization the following settings have to be added or updated on the given organization's defaults. See the Defaults section for more details.

fina_env
String, defaults to production if not set and can also be test. Indicates which FINA fiscalization API endpoint to call.

fina_strategy
String, defaults to P if not set, one of P, N. Indicates numbering strategy to use. Either per business premise (P) or per electronic device (N). P is the recommended value.

fina_verifying
Boolean indicates if fiscalization is enabled.