Show download pdf controls
  • Access Manager via RAM

    Relationship Authorisation Manager (RAM) is connected to Access Manager. This means when you authorise a person to act for a business using RAM, you can set their permissions for ATO online services in Access Manager at the same time.

    The 'Import AUSkey users' function in RAM is also available, allowing you to transfer permissions (as granted in Access Manager) of existing AUSkey users associated with your business.

    To set permissions in Access Manager through RAM or use the 'Import AUSkey users' function you need to be the principal authority or authorisation administrator.

    By logging in to Access Manager through RAM, you agree to:

    • comply with the terms and conditions of myGovID and RAM
    • keep your myGovID secure at all times and not share it with others.

    See also:


    Assigning and managing permissions for staff is one of the main functions of Access Manager. It enables businesses to manage which ATO online services and functions their employees can access.

    To transfer the permissions (as granted in Access Manager) of existing AUSkey users to RAM, see Import AUSkey usersExternal Link.

    To set permissions in Access Manager through RAM:

    1. Select Custom in the 'Agency access' section when you add a new user. Custom access users will be visible in Access Manager once the authorisation is created in RAM.
    2. Complete the steps in the 'Summary' section.
    3. Select ATO Access Manager (not all government online services offer this option) in the 'Customise access' section.
    4. Once in Access Manager, choose the relevant permissions from the access and permissions displayed and save.

    To view or modify existing permissions:

    • Select the user.
    • Select view or modify.
    • Select ATO Access Manager.
    • Once in Access Manager, select Access and Permissions from the left hand menu.

    To disable, remove or restore an authorised user, go to RAM.

    If your access level is set as Full, you automatically have access to all ATO online services, however you may not be an authorisation administrator. Avoid copying permissions from a full access user as this may cause an error to occur.

    Device AUSkeys are not managed in RAM, however principal authorities or authorisation administrators can manage permissions for Device AUSkeys in Access Manager.

    Device AUSkeys will be replaced with new machine credentials at the end of March 2020. You can create machine credentials in RAM which allow you to interact with our online services through your business software.

    See also:

    Business appointments

    When using the 'Who has access to my business' function, available under Business Appointments in Access Manager, through RAM, note that users will appear as 'Standard' users.

    We are working on adding the 'Auto access feature' when using Access Manager from RAM. This means you will be able to update permissions for custom access users in bulk, giving the user all of the permissions assigned by the principal business.

    Authorising users to registered agent numbers

    If you're a registered tax or BAS agent, to give your staff access to the clients of your registered agent number (RAN), you need to authorise them in Access Manager and give them the necessary permissions. A user will need Custom access level in Access Manager at minimum to enable you to give them access to your RAN.

    If you have Full access level or you are a principal authority you will automatically have access to all RANs.

    Assigning user permissions to access your clients

    As a registered agent you may restrict client accounts deemed to be sensitive or private, such as your own accounts. You may not want some or all of your staff with Custom access level users to have access to these client accounts in Online services for agents.

    When you restrict a client, only principal authorities and Full access level users (by default) will have access to that client's information. You can then specify which standard or Custom access users will have access to that client in Online services for agents.

    See also:

      Last modified: 12 Dec 2019QC 40983