Machine to Machine (M2M) authentication solution

Machine credentials (a component of the M2M authentication solution) allow you and your users to interact with a number of Government agencies through Standard Business Reporting (SBR) enabled software including the:

Machine credentials are also used to integrate with the USI Registry System via web services.

Developers can test the M2M solution in the SBR and USI external vendor testing environments (EVTE) to ensure their software is fully compatible.

All components of the M2M solution include:

  • A machine credential
  • A Machine Authentication Service (MAS-ST)
  • Relationship Authorisation Manager (RAM) - an authorisation solution which allows users to manage who can act on behalf of their business.

On this page

How the machine credential works

The design principles of machine credentials were developed in collaboration with industry through the Digital identity working group. The functional high-level design shows how the M2M solution works:

A machine credential can be created in RAM by a principle authority or machine credential administrator (MCA). This person is responsible for appropriate use, management and safeguarding of the machine credential on behalf of the business.

See machine credentials on the Relationship Authorisation Manager (RAM) website for more information.

Machine credentials are backwards compatible with the current AUSkey Developer Kit (ADK). The intent is that you will only need to change to a new Secure Token Service (STS) endpoint.

Testing the machine credential

M2M testing in USI, SBR1 and SBR2 EVTE is open to all DSPs and it is important you test to ensure your software is fully compatible.

To test the M2M credential you need to:

  • be currently consuming, or developing for, ATO services through SBR or USI web services
  • be registered with the ATO through Online services for DSP's as a software developer for SBR or with USI in the third party testing environment for the USI Registry System
  • provide a main contact and phone number
  • have downloaded the latest developer kit and test credentials (details will be provided upon registration).

The testing process enables you to:

  • test and analyse the performance of the M2M solution (machine credential)
  • confirm that the product meets your functional requirements
  • confirm the ability of your software to securely integrate with the government web services.

To begin testing the M2M credential with SBR, follow the below steps:

  • log in to Online Services for DSPs (you will need a myGovID)
  • new users only: complete the SBR developer registration or new contact registration form
  • navigate to the 'Develop a product section' in Online services for Digital Service Providers and submit a 'Register your product and enter EVTE' request
  • you will receive a Welcome pack via email with step-by-step details on how to progress your testing in EVTE.

Alternatively, you can contact DPO@ato.gov.au with the email heading, ‘Register for M2M testing in EVTE’, in your email specify the environment you want to test, eg. SBR1 or SBR2.

To begin testing with USI complete the USI developer kit application form. You will then be issued the USI kit that will provide you with the necessary instructions and tools to connect to the USI web services.

For more information, contact IT@usi.gov.au on developing for the USI Registry System.

Feedback and support

You can provide feedback on your testing experience in Online Services for DSPs or by emailing DPO@ato.gov.au.

Online support tools are available to you during EVTE testing.You can ask a question about myGovID, RAM or M2M or report a myGovID, RAM or M2M Credential incident in Online Services for DSPs.Internal support models are in place to ensure rapid escalation and resolution of all issues.

You can also provide feedback at it@usi.gov.au

Contact us

You can raise a query in Online Services for DSP's or email DPO@ato.gov.au.

Find out more: