The USI Registry System uses a combination of an Organisation’s AUSkey, ABN and OrgCode for authentication and authorisation through either web service calls or direct web access through the Organisation Portal.
Software Developer Kit (ADK)
Two developer kits need to be obtained – an AUSkey kit and a USI kit.
You need to register as a Software Developer with SBR in order to obtain the latest version of the AUSkey AKM kit: http://www.sbr.gov.au/software-developers/what-can-i-expect/registration-form
Please ensure that you enter ‘Department of Education and Training – USI’ in the agency field to identify you as a USI Software Developer.
You will then be issued with an onboarding pack containing:
- VANguard Security Token Technical Services Contract
- A copy of the current version of the USI Security Token Service – Service Definitions
- The USI Algorithm
- Connection Instructions
- AUSkey Device Key and organisation codes for the test environment
- A PowerPoint presentation on USI web services
Obtaining a Production AUSkey
For web services, a Device AUSkey is used. To be issued with a Device AUSkey, an organisation must first have, or register for, an administrator AUSkey with the Australian Business Register. Organisations are most likely to already have an AUSkey administrator in their financial/tax matters area.
When applying for an AUSkey with the Australian Business Register you will need an ABN.
For more information on AUSkey and how to apply please visit Australian Business Register.
Connecting to the USI System
When accessing the USI Registry System, an organisation is first authenticated in VANguard using their AUSkey. The Org code is then submitted to the USI Registry System, and checked that it:
- Is registered in the USI Registry System
- Has an ABN that matches the certificate generated from the AUSkey
- Has been authorised to use the USI web services by the Student Identifiers Registrar
Is of the correct organisation type (training organisation or other VET related body) to use the called functions
If you need additional information you can email USIAdmin@education.gov.au.
Clients will download your software to their own environment and use their own AUSkey authentication to secure their transactions to Government agencies.
The USI Office has been working with the Australian Taxation Office to adapt to the increased demand for businesses to use cloud based software. The Cloud Software Authentication and Authorisation (CAA) solution will allow software developers (SWDs) to design and implement a solution for clients using cloud enabled software to securely communicate information with the USI Office.
Policy advice from the Department of Finance regarding the use of an AUSkey in the cloud identifies that SWDs remotely storing a client’s AUSkey in cloud based solutions is in breach of the AUSkey terms and conditions. The CAA solution has been assessed and meets the terms and conditions of the AUSkey Certification Practices Statement (CPS) and Certificate Policies (CP).
The CAA solution will:
- improve the client authentication experience by removing the need for them to obtain and manage an AUSkey to transmit to government via cloud based software,
- reduce the administrative and support burden for software providers, enabling them to deliver contemporary solutions, online anytime from any device, for their clients,
- ensure AUSkey compliance and is in alignment with future government strategic direction and initiatives.
This solution allows businesses to notify Government of their software provider’s services, and the software provider’s dedicated device AUSkey is used to ensure secure transmissions.
For additional information on the CAA solution please refer to the WofG Cloud Software Authentication and Authorisation Information Kit from the ATO.
If you’ve missed any of the USI Developer Forums you can catch-up with all the CAA presentations and outcomes on the USI Developer Forums page.