Configure and manage your eTIMS OSCU (Online Sales Control Unit) device. Initialize devices with KRA, set up CMC keys, and monitor connection health.
| Scope | Description |
|---|---|
etims:read |
View device info, health check, business info, branches |
etims:write |
Initialize device |
| Method | Endpoint | Description | Scope |
|---|---|---|---|
GET |
/api/etims/device/info |
Get device configuration and status | etims:read |
POST |
/api/etims/device/initialize |
Initialize device with KRA | etims:write |
GET |
/api/etims/health |
Check connection to KRA servers | etims:read |
GET |
/api/etims/business/info |
Get taxpayer/business information | etims:read |
GET |
/api/etims/business/branches |
Get branch list | etims:read |
Your POS / ERP System
|
v
Salami Gateway API (Bearer token auth)
|
v
eTIMS OSCU Client (TIN + BHFID + CMC Key headers)
|
v
KRA eTIMS Server (https://etims-api.kra.go.ke)
Retrieve your eTIMS device configuration and current status.
Endpoint: GET /api/etims/device/info
Required Scope: etims:read
Request:
curl -X GET \
https://yourtenant.salami.dgl.co.ke/api/etims/device/info \
-H 'Authorization: Bearer YOUR_API_TOKEN'
Response:
{
"success": true,
"data": {
"tin": "P051234567A",
"bhfid": "00",
"device_serial": "DVC2026001",
"business_name": "Acme Limited",
"branch_name": "Main Branch",
"status": "active",
"last_sync": "2026-03-29T15:30:00Z",
"initialized": true,
"environment": "production",
"cmc_key_set": true
}
}
| Field | Type | Description |
|---|---|---|
tin |
string | Taxpayer Identification Number |
bhfid |
string | Branch ID (00 = head office) |
device_serial |
string | Device serial number registered with KRA |
business_name |
string | Registered business name |
branch_name |
string | Branch name |
status |
string | active, inactive, or pending |
last_sync |
string/null | Last successful sync with KRA |
initialized |
boolean | Whether the device has been initialized |
environment |
string | sandbox or production |
cmc_key_set |
boolean | Whether a CMC key has been configured |
Initialize your OSCU device with KRA. This is a one-time setup step required before any other eTIMS operations.
Endpoint: POST /api/etims/device/initialize
Required Scope: etims:write
Request Body:
| Field | Type | Required | Description |
|---|---|---|---|
tin |
string | Yes | Taxpayer Identification Number |
bhfid |
string | Yes | Branch ID (e.g., 00 for head office) |
device_serial |
string | Yes | Device serial number from KRA |
Request:
curl -X POST \
https://yourtenant.salami.dgl.co.ke/api/etims/device/initialize \
-H 'Authorization: Bearer YOUR_API_TOKEN' \
-H 'Content-Type: application/json' \
-d '{
"tin": "P051234567A",
"bhfid": "00",
"device_serial": "DVC2026001"
}'
Response:
{
"success": true,
"data": {
"status": "initialized",
"tin": "P051234567A",
"bhfid": "00",
"device_id": "DEV-KE-001",
"cmc_key": "ABCD1234EFGH5678IJKL9012MNOP3456",
"registration_date": "2026-03-29T16:00:00Z"
},
"message": "Device initialized successfully with KRA"
}
| Field | Type | Description |
|---|---|---|
status |
string | initialized or failed |
cmc_key |
string | Communication key returned by KRA (store securely) |
device_id |
string | KRA-assigned device identifier |
registration_date |
string | ISO 8601 initialization timestamp |
Important: The
cmc_keyis returned only during initialization. Store it securely -- it is required for all subsequent eTIMS API calls.
Check the connection status with KRA eTIMS servers. Performs a lightweight ping request.
Endpoint: GET /api/etims/health
Required Scope: etims:read
Request:
curl -X GET \
https://yourtenant.salami.dgl.co.ke/api/etims/health \
-H 'Authorization: Bearer YOUR_API_TOKEN'
Response (healthy):
{
"success": true,
"data": {
"status": "healthy",
"kra_server": "reachable",
"last_successful_sync": "2026-03-29T15:30:00Z",
"response_time_ms": 234
}
}
Response (unhealthy):
{
"success": true,
"data": {
"status": "unhealthy",
"kra_server": "unreachable",
"last_successful_sync": "2026-03-29T10:00:00Z",
"response_time_ms": null,
"error": "Connection timed out"
}
}
Retrieve the taxpayer/business information registered with KRA for the configured eTIMS device.
Endpoint: GET /api/etims/business/info
Required Scope: etims:read
Request:
curl -X GET \
https://yourtenant.salami.dgl.co.ke/api/etims/business/info \
-H 'Authorization: Bearer YOUR_API_TOKEN'
Response:
{
"success": true,
"data": {
"tin": "P051234567A",
"taxpayer_name": "ACME LIMITED",
"business_type": "Company",
"address": "P.O. Box 12345-00100, Nairobi",
"phone": "+254712345678",
"email": "info@acme.co.ke",
"station": "Nairobi"
}
}
Retrieve all branches registered under the taxpayer's TIN.
Endpoint: GET /api/etims/business/branches
Required Scope: etims:read
Request:
curl -X GET \
https://yourtenant.salami.dgl.co.ke/api/etims/business/branches \
-H 'Authorization: Bearer YOUR_API_TOKEN'
Response:
{
"success": true,
"data": [
{
"bhfid": "00",
"branch_name": "Head Office",
"address": "Nairobi CBD",
"status": "Active"
},
{
"bhfid": "01",
"branch_name": "Mombasa Branch",
"address": "Moi Avenue, Mombasa",
"status": "Active"
}
]
}
The CMC Key (Communication Key) is a cryptographic key assigned by KRA during device initialization. It authenticates all subsequent API requests to the eTIMS server.
All eTIMS requests include these headers (handled automatically by Salami):
tin: P051234567A
bhfId: 00
cmcKey: ABCD1234EFGH5678IJKL9012MNOP3456
| Issue | Symptom | Resolution |
|---|---|---|
| Missing CMC key | 401 Unauthorized from KRA |
Initialize or re-initialize the device |
| Invalid CMC key | 403 Forbidden from KRA |
Re-initialize to get a new key |
| Wrong TIN/BHFID | 404 Not Found from KRA |
Verify TIN and branch ID in KRA App settings |
| Code | Description |
|---|---|
200 |
Success |
401 |
Invalid Salami token or missing CMC key |
403 |
Token lacks required scope |
404 |
Device not found or not initialized |
502 |
KRA eTIMS server unreachable |
etims-api-test.kra.go.ke) firstBack to: KRA Overview | eTIMS Sales