Cloud software authentication and authorisation (CAA)

This page provides links and information to assist digital service providers (DSP) with implementing the Cloud software authentication and authorisation (CAA) solution.

Summary

The ATO, in conjunction the software developer community, designed and implemented a solution for customers of cloud hosted software to securely exchange information with us, for example lodgments and prefilling.

The CAA solution:

• enables approved DSPs to setup a dedicated machine credential for the purposes of securing transmissions to us made by businesses through online software
• allows businesses to notify the ATO of a nominated DSP who can send secure transmissions to the ATO on behalf of the business from within their online software
• eliminate the need for businesses to obtain, upload or use a machine credential to secure transmissions when interacting with us via online software
• has been deployed for businesses and tax agents lodging to the ATO
• can be leveraged for desktop software (cloud gateway required)
• co-exists with existing compliant solutions.

For further information on CAA solution refer to the Software Developer Information Kit v2.0 (PDF, 1.7MB).

More information

• The ATO has provided responses to some commonly asked questions at CAA - Frequently asked questions.
• General information on the CAA solution is available at Cloud software authentication and authorisation | Australian Taxation Office (ato.gov.au).
• Guidance on creating a hosted software notification can be found at My hosted SBR software services | Australian Taxation Office (ato.gov.au).
• For quickest response, Software developers should use Online Services for DSPs to provide feedback and seek further assistance.  Queries can also be forwarded to the SBR Service Desk.