Skip to content

Error and Timeout Handling

The top priority when implementing the fiskaly SIGN DE API is to keep the POS system up and running at all times.

In the optimal case, the API is implemented in such a way that the smooth operation of the cash register can be guaranteed at all times. Here’s how to achieve this.

In the event that the TSS is unavailable or temporarily unstable, the checkout process must not be disrupted. Timeouts depend heavily on the frequency of the POS system. As a manufacturer, you should decide which timeout length you consider reasonable. No request should ever be open long enough to jeopardize smooth cash register operation.

EndpointRecommended TimeoutNotes
Transaction endpoints3 - 5 secondsMost critical for checkout flow
TSS creation & personalization30 seconds minimumOne-time setup operation
Authorization3 - 4 secondsToken refresh, not every request
DSFinV-K endpointsUp to 10 minutesHeavy processing / data exports

When a request fails or times out, follow this approach:

  1. Detect the failure

    Set appropriate timeouts per endpoint type (see table above). When a timeout or HTTP error occurs, catch it gracefully without blocking the checkout.

  2. Continue the checkout

    Allow the transaction to proceed even without a TSS signature. Record the transaction locally with all available data.

  3. Mark the receipt

    Add a clear note on the receipt such as “TSS not available” or “TSS signing failed” as recommended by the financial authorities.

  4. Record in DSFinV-K

    Ensure the unsigned transaction appears in the DSFinV-K export using the transactions.security.error_message field instead of transactions.security.tss_tx_id.

A missing signature on the document does not mean the document is not in compliance with the law (see Punkt 7 AEAO to § 146a). However, the fiskaly API must be implemented in such a way that each transaction requests a signature. If it is not possible to acquire one, the DSFinV-K rules apply.

The financial authorities recommend adding a clear note on the receipt for unsigned transactions, such as:

“TSS not available” or “TSS signing failed”

Authorization is initially done via API Key and API Secret. You will receive:

TokenValidity
access_token24 hours
refresh_token48 hours

You can use these tokens to reauthorize yourself on an ongoing basis. If you receive a 401 response, simply reauthorize via API Key and Secret.

Was this page helpful?