Tickstar continues to comply well above the OpenPeppol SLA of 99.5%. The availability times are inclusive of maintenance, demonstrating the reliability of our services.
Tickstar services are highly scalable. Our systems are designed to support millions of users sending and receiving billions of annual invoices. For an individual client, we are capable of exchanging thousands of transactions all at once.
Cloud hosting and storage
As Tickstar operates in over 20 countries, we have a range of cloud hosting locations to support each region. We currently use AWS cloud hosting for all of our available services. Our customers have the ability to select which region works best for their security and data residency preferences. Locations currently available include Australia (ANZ region), Singapore (Asia region) and Ireland (European region).
Secure and trusted
We are ISO27001 independently certified.
Tickstar is one of the largest, and most broadly used Peppol service providers with customers in over 20 countries. Many of the world’s leading organisations such as Xero, SAP, DBS Bank, Pagero, Singapore Government, Government of Netherlands, Kofax and OpenText all rely on Tickstar’s infrastructure to deliver their Peppol services.
Tickstar developed the first production ready Peppol Access Point, and delivered the first ever cross-border transaction through the Peppol network. Tickstar is one of only 3 SMP providers globally and the only true multi-tenant SMP provider. Tickstar is accredited and certified to provide Peppol services across Europe, Australia, New Zealand, Singapore and Japan.
The SMP API
This is the second version of the Tickstar API. Note that some of the controllers have been deprecated from version 1. For these specific services move to version 2.1 of the API instead.
Only businesses registered with an SMP are visible in the Peppol Directory. Click here to get a free SMP trial LINK - Contact Me
Does my organization need an SMP?
A business requires an SMP in order to receive documents from other companies and government agencies on the Peppol network.
Businesses that only send do not need to be registered in an SMP; an Access Point is sufficient. An SMP is necessary for any organization receiving documents.
How can you get your own Peppol Access Point?
Your business can set up your own Peppol Access Point or partner with a certified Peppol Access Point provider. There are a lot of hoops to jump through to set up your own AP. In short:
- Become a member of OpenPeppol,
- Understand the technical concept of Peppol and the requirements
- Demonstrate secure and stable technical architecture.
- Conduct mandatory testing.
- Host and manage your own software and infrastructure.
Take the hassle out of accreditation, Let us help!
Get accredited and on boarded in days, we're here to quickly set you up for success
Why should you have a Peppol Access Point (AP)?
The main reason to have a Peppol AP is to be able to easily connect with other business entities that are already using the Peppol network. By having your own AP, you avoid having to establish roaming agreements with other service providers. This can save you both time and money.
How do we get our own Peppol Access Point?
Setting up an Access Point can be a daunting task.
Get in touch with us so we can talk about your requirements. When we have a signed contract the setup of your Peppol Access Point and SMP can begin.
The mandatory testing and approval process for new Peppol Access Points is completely taken care of by us.
If you want the SMP service only, you don’t have to sign an agreement with Peppol and the actions listed below don’t apply.
1) I just want the SMP! (contact me form)
2) This is what the general process looks like when signing up for the Access Point service with us:
- Join OpenPeppol, sign the Service Provider agreement with a Peppol authority, and settle the OpenPeppol membership fee.
- Start to prepare and understand and process ACK/NACKs as well as the envelope needed when you exchange documents with Peppol. Current versions of the mandatory Peppol BIS message types can be found here. There are also sets of national Peppol documents' such as the ones listed below:
- If you decide to go for the White labeled Access Point service, we will request your Test AP certificate. Please provide your most recent Annex 1 along with a company registration document from a public authority in your country. When you receive an e-mail and an SMS passcode from Peppol, please pass them on to us so we can enroll you for your certificate. We recommend this step as a part of our implementation process If you already have an AP certificate, please follow this procedure to share it with us.
- We get to work! Setting up and configuring your Access Point instance and preparing it for Peppol Testbed accreditation.
- Ensure that you can perform write and delete actions on the ftp account we have created for you.
- Testing begins! We will perform the Peppol Testbed rounds and upload the pdf test report to Peppol’s Helpdesk as well as a request for your Production AP certificate. which will render another e-mail and SMS passcode from Peppol to you. Pass them on to us without taking any further action and we´ll manage this as well.
- When we notify you about your Production AP being deployed, you should follow this procedure to verify the setup. It will ensure that you can handle ACK/NACKs as well as incoming files from other Peppol APs.
- Done! Congratulations! You can now exchange messages with all Peppol Access Point! All of this takes about 2-4 hours and we will bill you for the hours.
We have already enrolled for the Access Point certificate, what now?
If you already have a non-expired AP certificate? Perfect! We´ll use this to deploy your Access Point! Please provide the private-key-pair unchained in PKCS#12 in the same format as exported from the browser, in a PKCS#12 as a .p12 file.
Safety first! Please ensure to use the below means of communication to share the certificate with us so we can guarantee the protection of its integrity. If you use another way to send your certificate we If you share in any other way we will not take responsibility for the protection of its integrity.
Our Access Point certificate is about to expire. What are the next steps?
Like sand through the hourglass so goes the cycle of AP certificates. Every 24 months your AP certificate has to be renewed, a process that involves OpenPeppol. If the certificate expires it will make your AP non-interoperable with other APs. Let's not make that happen, we´re here to make the renewal process as smooth as possible for you.
Don't stress, we got you covered in these nine easy quick steps :
- We will notify you about your AP certificate expiry well in advance of the expiration date
- We will ask you to provide
- A business registration document issued by an authority in your country, not older than 6 months
- B signed Peppol Service Provider Agreement (that came into effect on July 1 2022)
- C contact details (email address and mobile phone number) of the person in your company that is the contact for the certificate
- We need to know if you have Peppol participants in other SMPs than in the Tickstar SMP.
- We will initiate the request process through Peppol’s Helpdesk for both a Test and Production AP certificate
- You will receive an enrollment e-mail from the Enterprise PKI Team <email@example.com> and SMS passcodes from Peppol related to each of the requested Test and Prod certificates. Please forward all of them to us
- We will enroll for your certificate.
- We will update the certificate in your AP instance and in the Tickstar SMP.
- We will send the public key of the AP certificate to you
- You will have to update other SMPs in which you have Peppol participants, using the public key you received in the previous step.
The entire process only takes about 2-4 hours for us to complete and we wil charge for those.
What is an SMP? Do we need one?
An SMP (service metadata publisher) publishes the receiving capability of a Peppol receiver – also known as a Peppol participant. Unless a Peppol receiver is registered in an SMP no one can send any documents to it. The receiver also has to be published to the SML (service metadata locator), which is done by dragging the slider “Publish in SML” in the SMP of Galaxy Gateway when creating the participant.
Parties that only send are not necessarily registered in an SMP.
Why not Sign up for a free SMP account and look for yourself? Please remember that the SMP interacts with the SML only and not the SMK (the SML test environment). If sending Peppol Access Point (corner 2) use a Test certificate, this SMP can’t be used. If you want to use an SMP that supports the SMK you should use the Test SMP on https://www.test.galaxygw.com
How are Peppol receivers identified?
A Peppol receiver needs to be registered in an SMP and it can only be registered in one (1) SMP. It is identified using a combination of any of the ISO6523 identifiers available and the corresponding identifier value. If you can’t perform a Participant Lookup for the receiver, you are using an incorrect ParticipantID. Check here for a sample lookup: https://my.galaxygw.com/participantlookup#/0007/5567212047
For eg the syntax of the ReceiverID looks like this for a Swedish organization number: 0007:5567212047. The corresponding GLN identifier for that organization number is 0088:7365567212048. You should put the ReceiverID in line 12 in the SBDH envelope. Please go here for a current ISO 6523 code list used in Peppol.
How do we wrap Peppol files using the required SBDH envelope?
The SBDH envelope is an XML structure in which the business document (message payload) is wrapped. Learn more about it here.
We received a NACK (negative acknowledgment). What now?
If you are still in the test phase the most likely reason is that you sent non-conformant data in the envelope.
The error description in the RCPT file will help you to amend it and re-send your file. Please verify that it is a valid xml file with all mandatory elements. If you received a high-level validation warning/error in the RCPT, the business document was not fully compliant with the Schematron rules for that document type.
That folder should normally be empty but if such a file can be found, your file was either not well formed or had a fatal SBDH error. Ensure that the SBDH is complete and correct by using any of the online XML Validators available. Resubmit the file.
If you are in production with your Peppol Access Point you should check if the receiving Access Point is online or not – please use the Peppol AP Monitor. To find out which AP a receiver use, just perform a Participant Lookup. You should take appropriate action depending on the error code(s) you received in the NACK.
For a full list of error codes and recommended actions, go here.
We received an ACK (positive acknowledgement) but the file did not reach the receiver. What should we do?
If you receive an ACK (code 200) you can be certain that the file was successfully delivered to the next Peppol Access Point.
If that file did not reach the end receiver, the receiving Access Point has to be notified.
Use the RecipientIdentifier to find the receiver’s Peppol Access Point contact details by doing a Participant Lookup. You can find the receiver identifier in the file you sent, refer to line 9 in the SBDH sample on the payload-envelope.
The ReceiverID should look something like ‘0007:5567212047‘.
How can I find the helpdesk contact details to a Peppol Access Point?
To find the helpdesk contact details to the receiver’s Peppol Access Point or SMP, just perform a Participant Lookup using the identifier of the receiver.
You can find the receiver identifier in the file you sent, refer to line 9 in the SBDH sample on https://www.tickstar.com/support/payload-envelope.
Use the RecipientIdentifier to find the receiver’s Peppol Access Point contact details by doing a Participant Lookup. You can find the receiver identifier in the file you sent, refer to line 9 in the SBDH sample on https://www.tickstar.com/support/payload-envelope.
The ReceiverID should look something like ‘0007:5567212047‘
How do I find out in which SMP a participant is registered or which Access Point a Peppol receiver uses?
You can easily find out in which SMP a participant is registered and which Access Point (AP) it uses to receive. Its a classic Participant Lookup you need to perform. Use the identifier of the receiver to find the contact details of the receiver’s AP. For this you need the receiver’s Peppol ID, which includes the ISO 6523 code.
Become fluent in Peppol – What do all the buzzwords mean?
AS2 Applicability Statement 2 – a protocol for secure and reliable data transport over the internet. AS2 replaced START on Sep 1st 2014 as the mandatory transport protocol between Peppol Access Points. From Feb 1st AS2 will be an optional transport protocol in Peppol.
AS4=Applicability Statement 4 – a protocol for secure and reliable web service-based data transport over the internet. AS4 replaced AS2 on Feb 1st 2020 as the mandatory transport protocol between Peppol Access Points.
Access Point (AP) = Exchanges documents with other APs. An AP is typically operated by a service provider. A technical term for Access Point is ‘endpoint’.
BIS = The Peppol implementation of a CEN BII specification. BIS is an abbreviation of “Business Interoperability Specification“. The documentation can be found here.
EHF = Elektronisk Handelsformat (Electronic trade format). This is the most commonly used e-invoice standard in Norway. IA slightly modified CEN BII/Peppol BIS invoice. Implementation guide here. Please refer to Annex 5, page 4, for additional information.
Four corner model = The architecture of Peppol supports a setup where the sender of a file (Corner 1 or C1) transmits a file to its service provider (C2) that operates an Access Point. C2 forwards it to C3, the service provider of the receiver. Finally, the file is transmitted to the end receiver of the file (C4). C2 operates on behalf of C1. C3 operates on behalf of C4. Link to our 4 corner model
ISO 6523 = Codes for identifying organizations and parts thereof. A list of identifiers currently used in PEPPOL is available at https://www.tickstar.com/iso6523. Also please refer to http://en.wikipedia.org/wiki/ISO/IEC_6523 and http://www.cyber-identity.com/download/ICD-list.pdf for more information.
Participant = The end receiver of a Peppol transaction. In the four-corner model, it is Corner 4. A participant needs to be registered in an SMP the receiving capability becomes known to the sending Access Point.
SMP = Service Metadata Publisher. An SMP is a registry that stores receivers’ metadata such as their Peppol Identifier(s), document type receiving capabilities and which access point(s) they use to receive each document type
SMK = Service Metadata Locator for test scenarios. The SMK is only used to exchange files between Peppol Access Points with pilot certificates. Participants can be added to the SMK by SMPs that support updating the SMK.
SML = Service Metadata Locator. The SML is a DNS storing the CNAMEs for all SMP’s and the URL to the SMP in which a certain participant resides. A change in the SML takes some time to propagate to the user doing a lookup depending on various DNS caches (and their TTL values) between you and the SML.
START = Secure Trusted asynchronous Reliable Transport – the Peppol Transport Protocol for exchanging messages between Access Points. The START protocol was discontinued in Peppol on Sep 1st2014 and replaced by AS2.
Participants using different APs to receive?
Peppol supports the scenario where a participant can use different Access Points (AP) for receiving.
Let´s assume that the participant wants to
use AP1 to receive invoices
use you (AP2) to receive orders
AP1 is the Access Point that first registered the participant in an SMP and as you know, a Peppol participant can only be registered in one (1) SMP.
Here’s how to do it if you discover that the participant you try to register in Galaxy Gateway SMP has already been registered by someone else, AP1.
AP2 (you) have to share your AP configuration (as in the below screenshot) with AP1. AP2 can find the necessary information by following these steps:
- Login to https://my.galaxygw.com
- Click “Access Points”
- Click your AP and “Edit”
- Copy the following values
- Access point Name
- Contact e-mail
- Access point endpoint URL
- Endpoint Information URL
- Certificate (save it in a separate .txt file)
AP2 should provide the above information to AP1 so they can add AP2’s configuration to their SMP account. Here’s how to find the contact details for AP1.
AP1 can now use that data to create AP2’s configuration in the SMP and associate AP2’s document types to the participant.
Woho! Your Access Point instance is deployed, what now?
Congrats! We´ve set up your Peppol Access Point instance and you are now able to use it for message exchange with other APs. Let's verify that everything works as it should!
Sign in to your SMP user account on https://my.galaxygw.com. Never logged in here before? Go ahead and do a password reset by clicking “Forgot password?”.
Verify that your AP configuration looks correct. Click “Access Points” and check the configuration details we have created for you.
- Click “Participants” and verify that it looks correct.
- Sign in to your ftp account with the credentials you have received from us.
- Move the DLVY file from the folder ‘from-peppol’ to the folder ‘to-peppol’.
- Wait a minute and you will receive 2 files in the ‘from-peppol’ folder.
- Drumroll, please! It's all set and you are now ready to go!
Deep dive on the steps check here https://www.tickstar.com/support/integration-testWe also recommend you familiarize yourself with https://www.tickstar.com/article/communication/ and https://www.tickstar.com/article/receipts-ack-nack/.