Configure GSP credentials (GSTN integration)

GSTN is the official GST portal. GSPs (GST Suvidha Providers) are CBIC-authorised intermediaries that provide API access to GSTN. ThynkTax uses a GSP under the hood for every GSTR fetch, filing, and IMS action.

Two options

1. Use ThynkTax's bundled GSP (default) - included in your subscription, no separate billing, no extra setup.
2. Bring your own GSP - if your firm has an existing GSP relationship (MasterGST, GSTHero, etc.) and you want to consolidate billing, you can configure your own credentials.

Option 1: Bundled GSP (default)

Nothing to configure. When you click "Fetch 2B" or "File GSTR-3B" in the GST module, ThynkTax routes the request through its bundled GSP automatically. The first time a client GSTIN is used, GSTN sends an OTP to the client's registered mobile/email; the client enters it once, then the GSP token is stored for 6 months.

Option 2: Bring your own GSP

Settings → Integrations → GSP

Choose your provider, then enter:

• Provider - MasterGST / GSTHero / Other
• Client ID (issued by the GSP)
• Client Secret
• API endpoint - typically defaulted by the provider

ThynkTax tests the credentials and shows a green tick when validated.

Re-authentication

GSP tokens expire every 6 months (CBIC mandate). ThynkTax shows a banner on the GST dashboard 30 days before expiry, with a one-click re-auth flow.

What gets logged

Every GSP-routed call is logged with:

• Timestamp
• Endpoint hit (e.g. /gstr2b/fetch)
• Client GSTIN
• Request ID returned by GSTN
• Response code

This log lives in Settings → Security → Audit log → GSP and is what we surface to CBDT/CBIC in case of a portal-side investigation.