Authentication and Authorisation

The USI Registry System uses a combination of an Organisation’s AUSkey, ABN and OrgCode for authentication and authorisation through either web service calls.

Software Developer Kit (ADK)

Two developer kits are needed – an AUSkey kit and a USI kit.

AUSkey Kit

For all enquiries relating to the AUSkey kit, please contact the Digital Partnership Office (DPO) at dpo@ato.gov.au.

USI Kit

Complete the USI Developer Kit application form and send it to IT@usi.gov.au.

You will then be issued the USI kit including:

  • USI Web Service Technical Services Contract
  • The current version of the Security Token Service – Service Definitions
  • The USI Algorithm
  • Connection Instructions
  • AUSkey Device Key and organisation codes for the test environment
  • Information on USI web services, including a 'Hints and Tips' outline of common development problems reported

Connecting to the USI Registry System

When accessing the USI Registry System, an organisation is authenticated in VANguard using their AUSkey. The Org code is submitted to the USI Registry System, and checked that it:

  • Is registered in the USI Registry System
  • Has an ABN that matches the certificate generated from the AUSkey
  • Has been authorised to use the USI web services by the Student Identifiers Registrar
  • Is of the correct organisation type (training organisation or other VET related body) to use the called functions

If you need additional information you can email admin@usi.gov.au.

Obtaining a Production AUSkey

For web services, a Device AUSkey is used. To be issued a Device AUSkey, an organisation must first have, or register for, an administrator AUSkey with the Australian Business Register. Organisations are most likely to already have an AUSkey administrator in their financial/tax matters area.

When applying for an AUSkey with the Australian Business Register you will need an ABN.

For more information on AUSkey and how to apply please visit Australian Business Register.

Authentication options

Desktop software

Clients will download your software to their own environment and use their own AUSkey authentication to secure their transactions to the USI Registry System.

Cloud software

The Office of the Student Identifiers Registrar has been working with the Australian Taxation Office to adapt to the increased demand for businesses to use cloud based software. The Cloud Software Authentication and Authorisation (CAA) solution will allow software developers (SWDs) to design and implement a solution for clients using cloud enabled software to securely communicate information with the Office of the Student Identifiers Registrar.

Policy advice from the Department of Finance regarding the use of an AUSkey in the cloud identifies that SWDs remotely storing a client’s AUSkey in cloud based solutions is in breach of the AUSkey terms and conditions. The CAA solution meets the terms and conditions of the AUSkey Certification Practices Statement (CPS) and Certificate Policies (CP).

The CAA solution:

  • improves the client authentication experience by removing the need for them to obtain and manage an AUSkey to transmit to government via cloud based software,
  • reduces the administrative and support burden for software providers, enabling them to deliver contemporary solutions, online anytime from any device, for their clients,
  • ensures AUSkey compliance and is in alignment with future government strategic direction and initiatives.
  • allows businesses to notify Government of their software provider’s services, and the software provider’s dedicated device AUSkey is used to ensure secure transmissions.