Crest of the Australian Government Unique Student Identifier-Logo

Authentication and authorisation

The USI Registry System uses a combination of an Organisation’s ABN and USI Org Code for authentication and authorisation to establish web service connections.

Software Developer Kits

Two developer kits are needed. You must first obtain the Digital Partnership Office (DPO) Authentication Kit before you apply for the USI Developer Kit.

Authentication Kit

For all enquiries relating to the DPO Authentication Kit, please contact the DPO at dpo@ato.gov.au.

USI Developer Kit

Complete the USI Developer Kit application form.

You will then be issued the USI Developer Kit including:

  • USI Web Service Technical Services Contract
  • The current version of the Security Token Service – Service Definitions
  • The USI Check Character Algorithm
  • Connection Instructions
  • Machine-to-Machine (M2M) authentication and organisation codes for the test environment.

Connecting to the USI Registry System

When accessing the USI Registry System an organisation is authenticated. The Org code is submitted to the USI Registry System, and checked that it:

  • is registered in the USI Registry System
  • has an ABN that matches the certificate generated from authentication credentials
  • has been authorised to use the USI web services by the Student Identifiers Registrar
  • is of the correct organisation type (Registered Training Organisation (RTO), VET related body, Higher Education Provider or Tertiary Admission Centre) to use the called functions.

If you need additional information you can email IT@usi.gov.au

Obtaining Machine-to-Machine (MSM) authentication

For web services, Machine-to-Machine (M2M) authentication is used. To be issued with M2M, an organisation and its staff must first set up a myGovID and Relationship Authorisation Manager (RAM). 

Authentication options

Desktop software

Organisations will download software to their own environment and use their secure M2M credential for transactions to the USI Registry System.

Cloud software

The Cloud Software Authentication and Authorisation (CAA) solution allows software developers (SWDs) to design and implement a solution for clients using cloud enabled software to securely communicate information with the Office of the Student Identifiers Registrar.

An organisation using cloud-hosted services does not have to obtain their own M2M credential. The host service provider is required to use their M2M credential to authenticate a connection to the USI Registry.

After obtaining a Digital Identity and claiming their business in Relationship Authorisation Manager (RAM), the business associate of an approved organisation needs to access RAM and nominate the host service provider submitting transactions on their behalf.

 

Did you find the information you were looking for on this page?
On a scale of 1 to 5, please provide a rating for how useful the information on this page was in answering your question.
Poor
Excellent
Did you find the content on this page easy to understand?
Don’t include personal or financial information. For example your phone number, email or credit card details.

If you need help, please call us on 1300 857 536 or from outside on Australia +61 2 6240 8740. Our contact centre is open between 8:30am-6.30pm (Australian Eastern Standard Time), Monday to Friday (excluding national and South Australian public holidays).

OR

If you would like to provide feedback, please complete the feedback form.

Office of the Student Identifiers Registrar (OSIR)
Last Modified on Wednesday 7th June 2023 [202]