Introduction
On July 13, 2017, the Financial Secretary to the Treasury and Paymaster General in the United Kingdom announced that Making Tax Digital (MTD) for value-added tax (VAT) will take effect on April 1, 2019.
To support the MTD for VAT requirements on Dynamics AX 2012 R3 the hotfix was released: KB 4488588.
Additionally,
HM Revenue and Customs (HMRC) introduced compulsory to supply header
information for VAT API from April 2019 to prevent fraud. For more information,
see Fraud prevention.
Overview
To prevent fraud, APIs of the HMRC provide HTTP headers that must be used to pass audit data.
Depending on the architecture of the environment used by a company which interoperates with the MTD for VAT different set of HTTP headers for fraud prevention must be transmitted. “Gov-Client-Connection-Method” header must represent the connection method used for the request by the company. It is supposed that most companies using Dynamics AX 2012 R3 use “DESKTOP_APP_VIA_SERVER” connection method. Usage of this connection method assumes transmission of the following headers:
|
HTTP header |
Description |
Coverage |
|
Gov-Client-Public-IP |
The public IP address (IPv4 or IPv6) from which the originating device makes the request. |
Not in scope of the current hotfix. |
|
Gov-Client-Public-Port |
The public TCP port that the originating device uses when initiating the request. |
Not in scope of the current hotfix. |
|
Gov-Client-Device-ID |
An identifier unique to an originating device. |
Included into the current hotfix. |
|
Gov-Client-User-IDs |
A key-value data structure containing the user identifiers. |
Included into the current hotfix. |
|
Gov-Client-Timezone |
The local time-zone of the originating device. |
Included into the current hotfix. |
|
Gov-Client-Local-IPs |
A list of all local IP addresses (IPv4 and IPv6) available to the originating device. |
Not in scope of the current hotfix. |
|
Gov-Client-Screens |
Information related to the originating device’s screens. The fields include:
|
Included into the current hotfix. |
|
Gov-Client-Window-Size |
The number of pixels of the window on the originating device in which the user initiated (directly or indirectly) the API call to HMRC. |
Included into the current hotfix. |
|
Gov-Client-User-Agent |
An attempt to identify the operating system family, version, device manufacturer and model of the originating device. |
Partially included into the current hotfix. (OS version only) |
|
Gov-Client-Multi-Factor |
A list of key-value data structures containing details of the multi-factor authentication (MFA) statuses related to the API call. |
Not in scope of the current hotfix. |
|
Gov-Vendor-Version |
A key-value data structure of software versions involved in handling a request. |
Included into the current hotfix. |
|
Gov-Vendor-License-IDs |
A key-value data structure of hashed license keys relating to the vendor software initiating the API request on the originating device. |
Not in scope of the current hotfix. |
|
Gov-Vendor-Public-IP |
The public IP address of the servers to which the originating device sent their requests. |
Not in scope of the current hotfix. |
|
Gov-Client-MAC-Addresses |
The list of MAC addresses available on the originating device. |
Included into the current hotfix. |
|
Gov-Vendor-Forwarded |
A list that details hops over the internet between services that terminate TLS. |
Not in scope of the current hotfix. |
Setup
By default, your requests to HMRC are transmitted without fraud prevention headers. You must activate transmission of fraud prevention headers during interoperating with API of the HMRC.
To activate transmission of fraud prevention headers during interoperating with API of the HMRC, open General ledger > Setup > External services > Web serviceparameters form and mark "Include fraud prevention parameters" checkbox:
When “Include fraud prevention parameters" parameter is marked, you will see the following dialogbox each time you initiate a request to HMRC:
This dialogbox provides information which will be addressed to HMRC. You may disable addressing fraud prevention headers to the HMRC if you unmark the “Include fraud prevention parameters" parameter in General ledger parameters, API requests without fraud prevention headers may be rejected by HMRC.
It is strictly recommended to address API requests to HMRC with fraud prevention headers.
Hotfix information
A supported hotfix is available from Microsoft. There is a "Hotfix download available" section at the top of this Knowledge Base article. If you are encountering an issue downloading, installing this hotfix, or have other technical support questions, contact your partner or, if enrolled in a support plan directly with Microsoft, you can contact technical support for Microsoft Dynamics and create a new support request. To do this, visit the following Microsoft website:
https://mbs.microsoft.com/support/newstart.aspx
You can also contact technical support for Microsoft Dynamics by phone using these links for country specific phone numbers. To do this, visit one of the following Microsoft websites:
Partners
https://mbs.microsoft.com/partnersource/resources/support/supportinformation/Global+Support+Contacts
Customers
In special cases, charges that are ordinarily incurred for support calls may be canceled if a Technical Support Professional for Microsoft Dynamics and related products determines that a specific update will resolve your problem. The usual support costs will apply to any additional support questions and issues that do not qualify for the specific update in question.
How to obtain the Microsoft Dynamics AX updates files
This update is available for manual download and installation from the Microsoft Download Center.
Prerequisites
You must have one of the following products installed to apply this hotfix:
-
Microsoft Dynamics AX 2012 R3
Restart requirement
You must restart the Application Object Server (AOS) service after you apply the hotfix.
