Starting with easyFBT 2022 we have introduced a new, secure login authentication process to help protect your data. We have partnered with Auth0 to integrate this feature into the application as it provides an easy to use, centralised online management process for our users.
We have chosen the Auth0 authentication system due to its ability to simplify and securely implement the type of security requested by the Australian Tax Office (ATO), to allow disparate integration options to be added, and to provide a hands-off approach more in line with the modern online world we now find ourselves in.
Due to the short timeframes available to us, we have completed a simplified implementation, but we will be looking to build upon this starting point moving forward. If you have any suggestions or feedback, please contact support.
Why do I have to login?
The ATO have mandated that any software that connects to the Standard Business Reporting (SBR) system must now provide a comprehensive login system to protect users.
The ATO's Digital Service Provider (DSP) Operational Security Framework (OSF) seeks to protect Taxation, Accounting, Payroll, Business Registry and Superannuation related data and the integrity of the Taxation, Business Registry and Superannuation systems that support the Australian community. This is achieved by setting out a minimum level of security requirements a DSP needs to meet in order to access ATO Digital Services that perform a functional role in the supply chain. The ATO's DSP OSF has been established to respond to business risks and security threats presented by the continual expansion and growth of digital services across the ecosystem.
The ATO's DSP OSF is a response to known examples of:
Information misuse: including identity theft, personal gain or commercial advantage.
Financial system misuse: including tax refund fraud.
Destructive cyber behaviour: including individual or system hacks.
The ATO's DSP OSF applies to any software product or digital service that performs a functional role in the supply chain of transmitting Taxation, Accounting, Payroll, Business Registry or Superannuation data through ATO digital services.
This includes software products that read, store, modify or route any Taxation, Accounting, Payroll, Business Registry or Superannuation data and that:
Connect directly to the ATO digital services.
Connect indirectly to the ATO via a Sending Service Provider (SSP) for Payroll services.
Connect indirectly to the ATO via a Gateway for Superannuation Services or SuperStream.
Each time you start easyFBT you will be presented with the following screen, which will allow you to log in to the application by either entering your account credentials or choosing one of the optional enterprise account options:
Available account options
First-time users will need to either create a standard account credential (via the Sign up option) or link an existing enterprise account to our easyFBT application. There are currently 3 options available to log into easyFBT:
Standard account - create a personalised easyFBT account providing a username and password. You will receive an e-mail notification to finalise your account and access.
LinkedIn - link your existing LinkedIn account to easyFBT
Microsoft account - link your existing Microsoft 365 account to easyFBT
Which is the recommended account option?
For ongoing simplification we recommend (where available) using a LinkedIn or Microsoft 365 account, as this can be tied to an already existing account. Whilst a standard account is more than suitable for this purpose, it will require you to remember an additional account.
Additional login options and features
Additional account options such as Google Workspace or features such as multi-factor authentication or offline access will be considered going forward. If you have any suggestions please feel free to contact support for future consideration.
Ongoing easyFBT use
Once you have chosen your account option it will be available and usable for all future releases of easyFBT starting from the 2022 release.
Account sign up
To complete the account sign-up process, click on the Sign up link located in the middle of the Log in screen where you will be presented with the following Sign up screen:
Standard account login
If you intend to create a new standard account, complete the following:
Enter your email address and password (follow the on-screen password requirements). Click the Continue button to create your account.
Once you have created your account, you will be sent a Verify your Account e-mail. Check your inbox or junk mail folder.
From the e-mail, click the VERIFY YOUR ACCOUNT button to finalise your account.
Note: if you get an error message when you click the Verify your Account link then you can ignore that message as your account will be verified regardless of that error.
Once your account has been verified, in future at the login prompt, enter your username and password and click the Continue button.
If you fail to complete the Verify your Account step, you will not be able to log in to easyFBT in future attempts. In this situation, each time you attempt to start easyFBT we will send you a follow-up Verify your Account e-mail and you will be advised of this via an on-screen prompt.
Note: If you have any issues finalising your account, please contact support.
LinkedIn or Microsoft account login
If you choose either the LinkedIn or Microsoft account login option, follow the on-screen prompts (as designated by the provider chosen) to link your account to easyFBT.
Once your account has been linked, in future at the login prompt, click on the Continue with button (depending on your provider) and follow the on-screen prompts.
Authentication features and conditions
Our easyFBT authentication has a number of additional features and conditions that must be met to access the program.
Closing or cancelling the login prompt
If you fail to successfully provide your account credentials or cancel the login prompt, easyFBT will either not be started or, if already open, will be closed (edited data will be automatically saved).
The current configuration of the easyFBT/Auth0 authentication process requires online access at all times. When starting easyFBT, we will validate your online status before showing the login prompt and will advise where a connection is not available. Until a valid online connection is available, easyFBT will not be started or, if already open, will be closed (edited data will be automatically saved).
Re-prompting for your account credentials
After a period of inactivity within easyFBT, you will be re-prompted for your account credentials. Provide your account details again to return to easyFBT.
Failure to provide your account credentials will result in easyFBT being closed (edited data will be automatically saved).
Issues using the Auth0 login process
Depending on the internal IT configuration of your network, the Auth0 login window may occasionally (more so when using Remote Desktop Services [Terminal Services] or Citrix) fail to load, respond with an offline prompt or not complete the login process correctly. In this situation you may need to add a number of URLs to the trusted sites available to your computer.
Adding the required URLs to your trusted sites
To add the required site URLs, open the Internet Options dialog on your computer (available via the search box on your Start menu):
Select the Trusted sites option and click the Sites button to display the Trusted sites dialog. Enter the required URLs as outlined below and click the Close button.
Depending on the account type you are using to login, enter the following URLs:
Thank you to a number of our clients who helped diagnose and solve these issues.
Additional logging has been added to easyFBT in line with the ATO's DSP OSF requirements. These logs are generated on an application-level and entity-level basis, tracking features activated by the logged-in user.
Application level - includes everything done by the user from log-on to close across all activated entities (ApplicationLog.txt file located in the Documents\One Plus One Solutions Pty Limited\easyFBT 2022\Logs folder)
Entity level - includes everything done by the user specific to the activated entity (EntityLog.txt file located in the specific entity folder)
Type of information recorded
The logs record the account name and date/time, along with anything specific from logging in, opening features, editing, importing or saving workpapers, viewing reports and completing SBR lodgements.