USI (Unique Student Identifier)

Owned by Jeannie Hagarty (Deactivated)
Last updated: Oct 27, 2021 by Diane Momongan (Unlicensed)
3 min read

Objective

Upon Completion of this KB you will be able to obtain a new M2M key for USI generation

Complexity: HIGH

Page Contents

 

NOTE

Providers will need to register via this link: https://www.usi.gov.au/providers/forms/sar, in order to enable Paradigm to gain access to the USI Service.

 

Assumptions

  • The person obtaining an M2M key must have a personal myGov Portal account and myGovID

  • This personal myGovID must be authorised for use on behalf of the RTO company by the principal user of the company

  • The person creating the machine credential must be identified as the Machine Credential Administrator within the Relationship Authorisation Manager (RAM) system

Explanation:

A machine to machine (M2M) credential is now required in order for Paradigm to create or retrieve Unique Student Identifiers (USI) numbers on behalf of an organisation. The M2M credential replaces previous USI related authentication mechanisms such as AUSKey. This means providers will need to take action to ensure continued use of USI related functionality within Paradigm. Be aware that the terminology surrounding the process for obtaining a M2M credential has also changed.

The person creating the M2M key will be identified as the Machine Credential Administrator signifying they have been assigned the rights to issue credentials on behalf of the RTO company inside the Relationship Authorisation Manager (RAM) government website.

Key terms and concepts

Term

Explanation

Term

Explanation

Australian Tax Office (ATO)

Statutory agency and the principal revenue collection body for the Australian government with the responsibility for administering the Australian federal taxation system, superannuation legislation, and other associated matters.

Credential name

The name of your Paradigm site, for example demo6.edu.net.au

Entity name

The name of your institution, for example: Silverband Pty. Ltd.

Machine Credential

Machine credentials allow businesses and tax professionals to securely interact with Australian Tax Office online services through appropriately configured software systems.

Machine Credential Administrator

Individual with the authority to create a machine credential on a device to interact directly with ATO online services.

Machine to Machine (M2M)

The new authentication solution coming into effect from April 2020 to replace the previous Device AUSKey credential. The new solution consists of three components:

  • A machine credential – conceptually equivalent to a Device AUSkey credential

  • A Machine Authentication Service (MAS) – service provided by the ATO to validate machine credentials, and intended as a replacement to the VANguard Secure Token Service (STS) service

  • RAM – an authorisation solution which allows users to manage who can act on behalf of their business. Access Manager is accessible from RAM.

myGovID

Unique identifier for use within the MyGov Portal

MyGov Portal

The myGov portal is a simple and secure way to access government online services. Its aim is to provide Australians with a single online destination for accessing government services with one login and one password.

Relationship Authorisation Manager (RAM)

Relationship Authorisation Manager (RAM) allows you to set up and manage relationships and authorisations across government online services. This means that RAM lets you manage who can act on behalf of your business online. RAM is managed under the purview of the Australian Tax Office.

Unique Student Identifier (USI)

Unique Student Identifier - The USI initiative commenced on 1 January 2015 and is a reference number made up of ten numbers and letters that stays with the student for life. The USI will give the student access to an online record of your nationally recognised training in the form of a USI Transcript.

Implications

  • A valid machine credential must be provided to Silverband prior to a Paradigm site being able to use USI related functionality

Workflow

Note

There are three groups of tasks that need to be completed to successfully obtain a M2M key for USI generation.

  1. The ATO is responsible for allocating each myGovID

  2. Click on this link and follow the instructions: https://www.servicesaustralia.gov.au/individuals/online-help/create-mygov-account .

  1. If you have not already been designated as the principal user for your organisation then you will need to identify that person and ask them to authorise you to issue machine credentials for your organisation.

  2. Click on this link and follow the instructions: https://www.abr.gov.au/general-information/accessing-our-online-services-with-mygovid-and-ram

  1. To obtain/issue Machine Credential follow the instructions for steps 1 through 9 as described here: https://info.authorisationmanager.gov.au/guide-how-to-install-a-machine-credential

  2. Once you have selected the appropriate company Entity Name within RAM (Step 4) you should be able to issue a machine credential using your preferred Credential Name and enter a new keystore password.

    1. Entity name: the name of your institution (example: Silverband Pty Ltd )

    2. Credential name: your Paradigm site name (example: demo6.edu.net.au )

  3. Record in a secure place the Keystore password that you used.

  4. Record in a secure place the keystore file that was generated.

  5. You will provide both of these items of information to Silverband. We recommend that for security reasons, the keystore file and the password not be provided together via the same medium.

    1. The file keystore should be sent via a ticket in our online helpdesk.

    2. The password may be communicated verbally via a phone call with a member of our support team.

Note for Windows users

The default Windows download path will probably be C:\Users\<username>\AppData\Roaming\username but you may change that at time of download.

 

Further reading

Related Pages

Â