SoftwareDeveloperForum
CloudSoftware Authentication andAuthorisation Update
3 November 2016
PresentedbyAustralianTaxationOfficeNovember2016
CAAupdate
UnderstandingCAA
Transitiontimeline
Userinterfaces(UIs)
Nextsteps
Understanding CAA
Thecloudauthenticationproblem
Toprovidecontemporaryservices,softwareprovidershadnochoicebutto developtheircloudsoftwareinawaythatrequiredtheirclientstosharetheir AUSkey.Thisresultedinrangeofissues.
Thebusiness usesonline (cloud-based) software
Thebusinessis promptedtoregister foranddownload theirownAUSkey
To transactwith governmentthe businessmustshare theirownAUSkeywith theirOnline(cloud based)software providers
Online(cloudbased) softwareprovidersstore theirclients(businesses) AUSkey
TheCAAsolution
Businessesnotifythe governmentagencyoftheirsoftwareproviderservices,and thesoftwareprovider’sdedicateddeviceAUSkeyisabletothenbeusedtosecure theirtransmissions.
Thebusiness usesonline (cloud-based) software
Businessis promptedto notifyagovernment agencyoftheirsoftware providerservices
Online(cloud-based) softwareprovidersuse theirowndedicated DeviceAUSkey
Removesthe needforclientstoobtainand manageanAUSkeyandimproves theirauthenticationexperience
Reducesthe administrativeandsupportburdenforsoftwareproviders and enables them todelivercontemporarysolutions(onlineanytimefromany device)
Solvesthe AUSkeyissuesand isin alignmentwiththefuturegovernment strategic directionand initiatives
HowCAAworks:Softwareproviders
Softwareprovider
HowCAAworks:Endusers
Accessonline,anytime,on anydevice
Aone-off notification
whenthey subscribe…
…meanstransactions
aresecure
Transitiontimeline
Transitiontimeline
Sep2016
Available
Now
Sep2016
Available
Now
AUSkeyDeveloperKit
(withCAAUpdates)
Preliminary
SystemTest
2016
2017
JulyAugustSeptemberOctoberNovember DecemberJanuaryFebruaryMarchAprilMayJune
JulyAugustSeptember
ADKavailableviaSBR (includingCAAchanges) dotNET/Java:ADK2.1
Cversion:ADK2.2
TestingADK
Preliminarysystemtest(agilebuild)
TestingUser Interface
AgilebuildandBetatest
CAA deployed toProd
inRAM
(Go-live)
Testing*
Endto EndUAT
DateTBC
CAA deployed toProd
inRAM*
(Go-live)
ImpactedSWDmusttransitiontheirclientsto newsolution
DateTBCRTOtransition tobe
completed by Jun 2017
RTOtransition tobe completed bySep2017* DateTBC
*Dates to beconfirmed
Client experience
UserInterfaces(UIs)
What’splannedforRelease1
Clientfunctions
Viewtheirownnotificationsfor cloudsoftware
AcceptpendingnotificationviaUI
Create/modify/deleteactivenotificationviaUI
User Interfaces:Clientexample
User Interfaces:Add a notification #1
User Interfaces:Add a notification #2
User Interfaces:Add a notification #3
User Interfaces:Accept a notification #1
User Interfaces:Accept a notification #2
User Interfaces:Accept a notification #3
Softwareproviderexperience
User Interfaces (UIs)
What’splannedforRelease1
Softwareproviderfunctions
Viewclientnotificationsfor my cloudsoftware
CreatependingnotificationviaAPI(includesupdate)
CreatependingnotificationviaUI(includesupdate)
Suspendanactiveclientnotification
Changethenamethatwillbedisplayedforyour clients
(defaultABNentityname)
Enable/disablesoftwareproviderAUSkeystousefor CAA
User Interfaces:Services used by SWDs
User Interfaces:Services used by SWDs
User Interfaces:Services used by SWDs
User Interfaces:Add a pending notification #1
User Interfaces:Add a pending notification #2
Next steps
Nextsteps
Confirmtimelines
ShareUserInterfacewith your clientsandprovidefeedback
()
Futurestate:
Developingend-to-endtestingprocess
Supportmodel
Questions