eTIMS

eTIMS API Authentication: How It Works for Developers

K By Kev 14 June 2026 8 min read
Share
eTIMS guide

eTIMS API authentication is the first thing a developer integrating with eTIMS has to get right, because a system must prove its identity to KRA before it can transmit invoices. This guide gives a conceptual overview of how authentication fits the integration and where to get the authoritative detail. The exact specification is owned by KRA, so always build against the official documentation.

Quick answer

eTIMS API authentication is how an integrated system proves its identity to KRA before it can transmit invoices, typically using device or account credentials issued during onboarding. The exact scheme, credentials and endpoints are defined by KRA, so build against the official eTIMS API documentation or work through a certified integrator.

Key takeaways
  • Authentication proves your system's identity before it can transmit to eTIMS
  • Credentials are tied to your registered business and control unit, issued during onboarding
  • The exact scheme and endpoints are defined by KRA, not third parties
  • Build against the official eTIMS API documentation or use a certified integrator
  • Always test in the sandbox before going live
On this page
  1. Where authentication fits
  2. How to approach eTIMS authentication as a developer
  3. Mistakes to avoid
  4. A worked example
  5. How Veira helps
  6. Frequently asked questions

Where authentication fits

When an integrated system sends invoices to eTIMS, KRA needs to know the request comes from a registered, authorised business and control unit. Authentication is that identity check: the system presents credentials, and KRA accepts or rejects the connection.

The credentials are tied to your onboarding, your business and your control unit. Because the precise scheme, fields and endpoints are defined and updated by KRA, the only reliable source is the official eTIMS API documentation or a certified integrator who builds to it.

How to approach eTIMS authentication as a developer

  1. 1

    Onboard the business and control unit first

    Authentication credentials come from a completed eTIMS onboarding. Make sure the business and its control unit are registered before you build.

  2. 2

    Get the official API documentation

    Work from KRA's official eTIMS API documentation for the current authentication scheme, fields and endpoints. Do not rely on second-hand or outdated descriptions.

  3. 3

    Implement against the sandbox

    Build and authenticate against the eTIMS sandbox environment first, so you can test without touching live records.

  4. 4

    Handle credential storage securely

    Store credentials securely and follow good practice for secrets, since they authorise transmitting invoices on the business's behalf.

  5. 5

    Validate then go live

    Once authentication and a full invoice flow work in the sandbox, move to live and monitor the first transmissions closely.

Mistakes to avoid

Building from unofficial specs

Authentication details change and are owned by KRA. Building from a blog or an old copy leads to failures. Use the official documentation.

Skipping the sandbox

Testing authentication against live is risky. Validate in the sandbox first.

Mishandling credentials

Credentials authorise invoice transmission. Store them securely and never expose them in client code or logs.

Ignoring onboarding

Without completed onboarding there are no valid credentials. Register the business and control unit first.

A worked example

Worked example

A developer building a POS integration started by trying to authenticate from a forum example and kept getting rejected.

Switching to KRA's official eTIMS API documentation, completing the onboarding to obtain valid credentials, and testing against the sandbox got authentication working cleanly. Only then did they connect the live invoice flow.

Authentication is straightforward when built from the official spec against the sandbox, and frustrating when built from second-hand descriptions.

Business impact

Trading without eTIMS-compliant tax invoices risks KRA penalties, blocked VAT input claims for your customers, and receipts a business buyer cannot expense.

Veira signs every sale to KRA eTIMS automatically, so each receipt is compliant the moment it prints, with no separate device to reconcile.

How Veira helps

If you would rather not build and maintain an eTIMS integration yourself, Veira provides compliant invoicing out of the box, with the authentication, signing and transmission handled for you.

That lets a business be compliant without a developer maintaining an API connection. See how Veira works or book a demo.

Frequently asked questions

How does eTIMS API authentication work?
A system proves its identity to KRA using credentials tied to the registered business and control unit, issued during onboarding, before it can transmit invoices. The exact scheme and endpoints are defined by KRA, so build against the official eTIMS API documentation.
Where do I get eTIMS API credentials?
Credentials come from completing eTIMS onboarding for the business and its control unit. Register first, then obtain and use the credentials as described in KRA's official documentation. A certified integrator can also handle this for you.
Is there an eTIMS sandbox for testing authentication?
Yes, eTIMS provides a sandbox environment so you can build and test authentication and the full invoice flow without affecting live records. Always validate in the sandbox before going live.
Where is the official eTIMS API documentation?
The authoritative specification is published by KRA. Always build from the current official eTIMS API documentation rather than third-party descriptions, since the scheme, fields and endpoints can change.
Do I have to build the integration myself?
No. You can use a certified integrator, or a ready solution like Veira that provides compliant invoicing with authentication, signing and transmission handled for you, so no developer needs to maintain the connection.

For more eTIMS guides and compliance resources, visit our free resource site.

Terms explained

Keep reading

See all eTIMS guides

Veira for your business

Browse Veira by business type