ato logo
Search Suggestion:

About Access Manager

How to log in, set up and manage access and permissions for our ATO online services using Access Manager.

Last updated 25 June 2023

Access Manager for ATO online services

Access Manager is used to manage access and permissions for:

  • Online services for agents
  • Online services for business
  • Australian Business Register (ABR).

It also allows you to manage which functions others can access on behalf of your business.

To manage access for Online services for foreign investors, go to Authorise a representative.

Learn more about:

Log in to Access Manager

To log in to Access Manager and manage permissions you need:

Log in to Access Manager

Access Manager through RAM

Relationship Authorisation Manager (RAM)External Link is an authorisation service that allows you to access our online services on behalf of a business.

RAM is connected to Access Manager. When you authorise a person to act on behalf of your business using RAM, you can set their permissions in Access Manager at the same time.

By logging in to Access Manager through RAM, you agree to:

  • comply with the terms and conditions of myGovID and RAM
  • always keep your myGovID secure and not share it with others.
Log in to Relationship Authorisation Manager

Roles and authorisation types

Authorising and managing permissions for staff is one of the main functions of Access Manager. To do this, you need to be either of these authorisation types in RAM:

  • principal authority – you have full access to ATO online services
  • authorisation administrator – you can create and manage authorisations for others. This role must be authorised by a principal authority or another authorisation administrator.

If you're a principal authority or authorisation administrator in RAM, you automatically become an administrator in Access Manager. This means you:

  • have access to all permissions for ATO online services – an authorisation administrator's permissions can only be modified by a principal authority
  • can set up authorisationsExternal Link and grant Full, Custom or No access to users in RAM. Users with custom access have limited access to ATO online services and must be assigned specific permissions in Access Manager.

Note: Once you assign permissions to authorised users, anything they do in ATO online services is legally binding to your business.

Set permissions using RAM

In RAM you can set, view, modify, remove, disable, and restore permissions.

To set permissions in RAM when you add a new user:

  1. Select Custom for Australian Taxation Office in the Agency access. Custom access users will be visible in Access Manager once the authorisation is created in RAM
  2. Complete the steps in the Summary section.
  3. Select ATO Access Manager. Not all online services offer this option in custom set up.

You will now be in Access Manager.

View or modify permissions

To view or modify existing permissions in RAM:

  1. Select the user.
  2. Select View or Edit
  3. Select ATO Access Manager.

You will now be in Access Manager.

Responsibilities when using Access Manager

Access Manager allows you to manage who has electronic access to your business' tax information. It's your responsibility to regularly review and monitor who has access to your business records.

Data about individuals and entities in Access Manager is confidential. You must ensure that unauthorised people do not compromise the integrity of that data. If you leave your computer unattended, even briefly, you must log out from Access Manager or lock your computer.

When you log in to Access Manager, you agree to:

  • comply with the terms and conditions of myGovID and RAM
  • always keep your myGovID secure and not share it with others
  • not disclose your myGovID password or share it with others.

By providing others with access to secure business information through myGovID and RAM, as yourself or as a representative for tax purposes, you must understand:

  • user access and permissions – the level of access given to each type of user (Administrator, Authorised Custom, Authorised Full, Authorised Basic) and the transactions the users can undertake. For more information, see Access Manager permissions.
  • business appointments – the nature of your relationship with any entities you have appointed as a representative for tax purposes and what transactions your they can undertake.
  • legally binding actions – the actions these users and representatives undertake through Access Manager are legally binding to your business.

Preventing unauthorised access to business information

If your staff have access to your secure information in ATO online services, we strongly recommend that you:

  • use Access Manager regularly to ensure that a user's level of access to our systems is appropriate
  • immediately disable or remove a user's account in Access Manager and RAM if you have any concerns about their activities
  • ensure that each person who deals with us online on behalf of your business has their own myGovID
  • keep passwords secure – they must not be shared.

If you use hosted (online) SBR-enabled software, we strongly recommend that you limit access to stored business information to appropriate staff only. If you have any concerns, contact your digital service provider for advice.

QC71002