Manage authorisations
If you’re a principal authority or authorisation administrator, Relationship Authorisation Manager (RAM) allows you to manage who can act on behalf of your business with government online services.
To assist in managing existing authorisations, you can:
- apply filters such as ‘status’ or ‘authorisation type’ to refine your list of authorisations or when searching for particular authorisations
- export the details of up to 1,000 users you’ve authorised into a spreadsheet format (CSV file) from RAM.
Alternatively, follow these steps in the sections below:
- How to edit an authorisation
- How to remove an authorisation
- How to view or export the business History
- How to export the authorisation details
- How to renew a Basic authorisation
- How to renew your business authorisation (primary person)
How to edit an authorisation
To edit an authorisation:
- select View or manage authorisations, machine credentials and cloud software notifications from the home menu
- select the business name associated with the user
- select Edit next to the authorised user
- change the start date (it can’t be more than 30 days from the day you edit the authorisation)
- select Continue
- accept the declaration and select Submit
- a confirmation message will appear, select Continue.
The edits you can make to an authorisation depends on its status:
- Pending – You can edit the authorised user’s name, email address, authorisation start date, and end date, authorisation administrator status, and agency permissions.
- Accepted (with a future start date) – You can edit the authorisation start date, end date, authorisation administrator status, machine credential administrator status and agency permissions.
- Active – You can edit the authorisation end date, administrator status and agency permissions.
- Inactive – There is no action to take.
To change the authorisation of a Basic user to a Standard user, you need to create a new authorisation. Once accepted, the status of the Basic authorisation will change to Inactive – Overridden.
Watch:
How to remove an authorisation
To remove an authorisation:
- select View or manage authorisations, machine credentials and cloud software notifications from the home menu
- select the business name associated with the user
- select Remove against the authorised user
- select Yes to confirm.
You can't reinstate an authorisation after it’s removed. If required, you’ll need to set up a new authorisation.
If required, the following users can remove their own authorisation:
- Authorised user
- Authorisation administrator
- Basic user
- Responsible authority
- Government representative
- Indirect associate.
The authorisation of principal authorities who linked online cannot be removed, the authorisation remains unless they’re removed as an eligible individual associate of the business in the ABR.
How to view or export the business History
History displays the authorisation and machine credential activities for a business.
This can include the:
- date
- credential name
- action
- actioned by
- actioned by role
- representative name
- authorisation type
- authorisation status
- machine credential administrator
- current business email address
- start date
- end date
- agency access.
To export the business History, select:
- View or manage authorisations, machine credentials and cloud software notifications
- the business name
- History to view the business history log
- Authorisations or Machine credentials tab
- Export, then select Yes to export a report.
You can apply the 'actioned date' or 'actioned by' filters to refine your search.
How to export the authorisation details
The authorisation details displays a summary of all current and former authorisations for a business.
The exported authorisation details includes:
- representative name
- authorisation type
- authorisation status
- machine credential administrator
- current business email address
- start date
- end date
- agency access.
To export the authorisation details for the business, select:
- View or manage authorisations, machine credentials and cloud software notifications
- the business name
- History
- Export, then select Yes to export a report.
You can export up to 1,000 records at once. If there are more than 1,000 records, you’ll need to export multiple reports. You can use the search and filter options to refine the list of authorisations.
How to renew a Basic authorisation
Basic users can only be authorised for up to 12 months. Before expiry, you’ll receive reminders (to the email address you used to link to the business and in RAM) to renew the authorisation.
The authorisation can be renewed from 40 days before it expires.
If a Basic user has customised permissions, for example, in the ATO’s Access Manager, these will be removed when you renew their authorisation. We recommend you note these permissions before you renew, to help you set them up again afterwards.
To renew a single Basic authorisation:
- select View or manage authorisations, machine credentials and cloud software notifications
- select the relevant business
- select Renew next to the person’s name
- complete the renewal details, accept the declaration and select Submit
- you’ll receive a notification to confirm the authorisation has been successfully renewed in RAM
- set permissions (if required) – for example, in the ATO’s Access Manager.
To renew multiple Basic authorisations:
- select View or manage authorisations, machine credentials and cloud software notifications
- select the relevant business
- select Renew in the notification box at the top of the screen
- select all or choose specific authorisations to renew
- complete the renewal details for each, accept the declaration and select Submit
- you’ll receive a RAM renewal outcome summary – including any unsuccessful renewals
- set permissions (if required) – for example, in the ATO’s Access Manager.
If a Basic authorisation expires before it’s renewed, you’ll need to create a new authorisation for that user. They may need to complete proof of identity requirements again.
Watch:
How to renew your business authorisation (primary person)
If you linked a business as a primary person, your authorisation type displays as government representative, indirect associate or responsible authority and is valid for up to 12 months.
Before expiry, you’ll receive reminders (to the email address you used to link to the business and in RAM) to renew.
Your authorisation can be renewed from 40 days before it expires.
To renew a single business authorisation:
- select View or manage authorisations, machine credentials and cloud software notifications
- select Renew next to the relevant business name
- review the renewal details – you can choose an earlier end date if required
- accept the declaration and select Submit.
A message will display confirming your business authorisation has been successfully renewed.
To renew multiple business authorisations:
- select Renew in the notification box on the RAM landing page or in the View or manage authorisations, machine credentials and cloud software notifications menu
- select all or choose specific authorisations you want to renew
- review the renewal details and select Continue - you can choose an earlier end date if required
- check the summary, accept the declaration and select Submit.
A message will display with the renewal outcome. This can include successful and unsuccessful renewals.
If your authorisation expires, you’ll need to link again as a principal authority to regain your access. An expired authorisation doesn't affect authorisations you’ve set up for others.
Watch: