Your opinion matters, providing your feedback is important and helps us improve RAM.

Set up authorisations

If you are a principal authority or authorisation administrator, you can create authorisations for employees and other individuals to work on behalf of the business. It is your responsibility to maintain the integrity of your business records. This is to ensure:

  • employees can easily identify who can authorise them
  • the correct people have been authorised to access government online services on behalf of your business.

You can authorise someone as a:

  • Authorisation administrator – can create and manage authorisations for others (a Basic user cannot be authorised as an authorisation administrator).
  • Authorised user – can work on behalf of a business.
  • Machine credential administrator (MCA) – can create and manage machine credentials to interact with government online services through business software (a Basic user cannot be authorised as an MCA).
  • Basic user – can work on behalf of a business with a Basic identity strength (available for limited government online services). Basic users can only be authorised for up to 12 months and will need to be renewed if the authorisation is still required after this period.

For each government online service, you can grant either:

  • Full access
  • Custom access
  • No access.

On this page:

See also:

Before you start

Check with the user you are authorising that:

  • they have set up their digital identity, such as myGovID
  • their full legal name matches the name used to set up their digital identity
  • their current business email address can only be accessed by them – this is where the authorisation request and future notifications are sent (it does not need to match the email address they used to set up their digital identity.).

See also:

If you use a tax professional

If you use a tax professional to meet your ATO tax obligations, you don’t need to authorise them (or their practice) in RAM as your agent will notify the ATO on your behalf. Other online services may require a tax professional to be authorised in RAM; check with the relevant agency.

Creating a new authorisation

To create a new authorisation:

  • select My authorisations
  • select the business you would like to add an authorisation to
  • click Add new user.

Then complete the following labels:

  • Representative type – select either Standard user or Basic user. If the representative’s digital identity has a Standard or Strong identity strength they’re a Standard user, if their identity strength is Basic they’re a Basic user.
  • Representative details – enter the user's full legal name and email address.
  • Authorisation details – select Yes or No for the user to be an authorisation administrator or an MCA (for a Standard user only). Enter a start and end date or it will default to no end date – this can’t be backdated or left blank as an end date is required for a Basic user (no longer than 12 months from the authorisation date).
  • Agency access – select the level of access (Full, Custom or None) for each agency. Choose the Select all option if you want to apply the same level of access to all. For Basic users, only agencies that accept Basic access will display.
  • Summary – review details and accept the Declaration. Select Show details for the full agency list.
  • Customise access if custom access is given for ATO online services to a Standard user, you will be redirected to the ATO’s Access Manager to set permissions. Before you can set permissions for a Basic user, they need to complete additional proof of identity requirements (automatically emailed to the user).

A new authorisation needs to be created when changing the authorisation of a Basic user to a Standard user. Once accepted, the status of the Basic authorisation will change to ‘Inactive – Overridden’.


See also:

Authorisation requests and codes

When you authorise someone, they will receive an authorisation request via email containing a code. The request must be accepted or declined within seven days.

Re-issuing authorisation codes

If an authorisation code has expired (not accepted within seven days) or is not working, a principal authority or authorisation administrator will need to re-issue a code. To do this:

  • select My authorisations
  • select the business name associated with the user
  • click View next to the user’s name which will have a pending status
  • click Re-issue a code under the authorisation code details
  • a message will confirm you want to re-issue a code, if you select yes a confirmation message will appear advising the code has been re-issued
  • click Continue.

See also: