Starting from easyFBT 2022 we have introduced a new, secure login authentication process to help protect your data. We have partnered with Auth0 to integrate this feature into the easyFBT application as it provides an easy to use, centralised online management process for our users.
We have chosen the Auth0 authentication system due to its ability to simplify and securely implement the type of security requested by the Australian Tax Office (ATO), allow disparate integration options to be added and to provide a hands-off approach more in line with the modern online world we now find ourselves in.
IMPORTANT: Shared user logins must NOT be used. Each person logging into easyFBT must have a unique user login and only use that to access easyFBT.
Why do I have to login?
The ATO have mandated that any software that connects to the Standard Business Reporting (SBR) system must now provide a comprehensive login system to protect users.
The ATO's Digital Service Provider (DSP) Operational Security Framework (OSF) seeks to protect Taxation, Accounting, Payroll, Business Registry and Superannuation related data and the integrity of the Taxation, Business Registry and Superannuation systems that support the Australian community. This is achieved by setting out a minimum level of security requirements a DSP needs to meet in order to access ATO Digital Services that perform a functional role in the supply chain. The ATO's DSP OSF has been established to respond to business risks and security threats presented by the continual expansion and growth of digital services across the ecosystem.
The ATO's DSP OSF is a response to known examples of:
Information misuse: including identity theft, personal gain or commercial advantage.
Financial system misuse: including tax refund fraud.
Destructive cyber behaviour: including individual or system hacks.
The ATO's DSP OSF applies to any software product or digital service that performs a functional role in the supply chain of transmitting Taxation, Accounting, Payroll, Business Registry or Superannuation data through ATO digital services.
This includes software products that reads, stores, modifies or routes any Taxation, Accounting, Payroll, Business Registry or Superannuation data that:
Connects directly to the ATO digital services.
Connects indirectly to the ATO via a sending Service Provider (SSP) for Payroll services.
Connects indirectly to the ATO via a Gateway for Superannuation Services or SuperStream
On Startup
Each time you start easyFBT (2022 or later versions) you will be presented with the following screen which will allow you to login to the easyFBT application by either entering your account credentials or by choosing the optional "Continue with Microsoft Account" option:
Available account options
First time users will need to either create a standard account credential (via the Sign up option) or by linking your existing enterprise account to our easyFBT application. There are currently 2 options available to log into easyFBT:
Standard account - create a personalised easyFBT account providing a username and password. You will receive an e-mail notification to finalise your account and access.
Microsoft account - link your existing Microsoft 365 account to easyFBT
Which is the recommended account option?
For ongoing simplification we recommend (where available) using a Microsoft 365 account as this can be tied to an already existing account. Whilst a standard account is more than suitable for this purpose it will require you to remember an additional account.
Additional login options and features
Additional account options such as Google Workspace or features such as multi-factor authentication or offline access will be considered going forward. If you have any suggestions please feel free to contact support for future consideration.
Ongoing easyFBT use
Once you have chosen your account option it will be available and useable for all future releases of easyFBT starting from the 2022 release.
Account sign up
For new users of easyFBT, to complete the account sign-up process, click on the Sign up link located in the middle of the Log in screen where you will be presented with the following Sign up screen:
Standard account login
If you intend to create a new standard account complete the following:
Enter your email address and password (follow the on-screen password requirements). Click the Continue button to create your account.
Once you have created your account, you will be sent a Verify your Account e-mail. Check your inbox or junk mail folder.
From the e-mail, click the VERIFY YOUR ACCOUNT button to finalise your account.
Note: if you receive an error message when you click the Verify your Account link, you can safely ignore that message as your e-mail service may have previously self-verified the link as part of its spam validations.
Once your account has been verified, in future at the login prompt, enter your username and password and click the Continue button.
Non-activated account
If you fail to complete the Verify your Account step, you will not be able to login to easyFBT in future attempts. In this situation each time you attempt to start easyFBT we will send you a follow-up Verify your Account e-mail and you will be advised of this via an on-screen prompt.
Note: contact support where you are unable to activate your account.
Microsoft account login
When choosing the Continue with Microsoft Account login option, follow the on-screen prompts to login into easyFBT with your first initial attempt linking your account to the software.
Note: at no time does One Plus One Solutions Pty Limited have access to your account or password.
Authentication features and conditions
Our easyFBT authentication has a number of additional features and conditions required to be met to access the program.
Closing or cancelling the login prompt
If you fail to successfully provide your account credentials or cancel the login prompt, easyFBT will either not be started or if already open will be closed (edited data will be automatically saved).
Offline access
The current configuration of the easyFBT/Auth0 authentication process requires online access at all times. When starting easyFBT, we will validate your online status before showing the login prompt and will advise where a connection is not available. Until a valid online connection is available, easyFBT will not be started or if already open will be closed (edited data will be automatically saved).
Re-prompting for your account credentials
After a period of non-activity within easyFBT, you will be re-prompted for your account credentials. Provide your account details again to return to easyFBT.
Failure to provide your account credentials will result in easyFBT being closed (edited data will be automatically saved).
Issues using the Auth0 login process
Depending on the internal IT configuration of your network, occasionally (more so when using Remote Desktop Services [Terminal Services] or Citrix) the Auth0 login window may fail to load, respond with an offline prompt or not complete the login process correctly. In this situation you may need to add a number of URLs to the trusted sites available to your computer and potentially also to your corporate firewall exceptions.
Adding the required URLs to your trusted sites
To add the required site URLs, open the Internet Options dialog on your computer (available via the search box on your Start menu):
On the Security tab select the Trusted sites option and click the Sites button to display the Trusted sites dialog. Enter the required website URLs as outlined below and click the Close button.
Depending on the account type you are using to login, enter the following URLs:
All accounts
https://easyfbt.au.auth0.com
Microsoft (when using Microsoft 365 and/or Outlook accounts)
https://*.msftauth.net
https://login.microsoftonline.com
https://login.live.com
Adding the required sites to your corporate firewall exceptions
Depending on the status of your corporate firewall, we have a number of clients that have also required adding the following URLs to their exception rules:
All accounts
https://easyfbt.au.auth0.com
Microsoft (when using Microsoft 365 and/or Outlook accounts)
https://*.msftauth.net
https://login.microsoftonline.com
https://login.live.com
IMPORTANT: Your IT Department will be required to complete this task. Firewall exceptions and how to accept them will be different depending on the hardware and software involved.
Application logging
Additional logging has been added to easyFBT in line with the ATO's DSP OSF requirements. These logs are generated on an application and entity level basis tracking features activated by the logged-in user.
Application level - includes everything done by the user from log-on to close across all activated entities (ApplicationLog.txt file located in the Documents\One Plus One Solutions Pty Limited\easyFBT 20XX\Logs folder)
Entity level - includes everything done by the user specific to the activated entity (EntityLog.txt file located in the specific entity folder)
IMPORTANT: The ATO recommends that these log files are retained for at least 12 months. NOTE: easyFBT does not remove these log files.
Type of information recorded
Including the account name and date/time, anything specific from logging-in, opening features, editing, importing or saving workpapers, viewing reports and completing SBR lodgements.
Commentaires