You are here

Access permissions and authorisations in e-Tax/e-Customs

From 8 May 2019 access permissions and authorisations in the e-Tax/e-Customs are located in section “Settings” under the menu item “Access permissions”.

Services in the access permissions’ application can be found through the drop-down menu at the top-left corner.

  • All the existing access permissions will remain at the user’s disposal.

  • If users meet certain conditions, they will receive automatic packages, otherwise packages will be closed. Automatic packages are:

    • natural person’s data viewing package (A-FI-V)
    • natural person’s representative package (A-FI; includes administrator rights)
    • self-employed person’s data viewing package (A-FIE-V)
    • self-employed person’s representative package (A-FIE; includes administrator rights)
    • legal person’s data viewing package (A-JI-V)
    • legal person’s representative package (A-JI; includes administrator rights)
  • On behalf of the person represented, you will get one or more automatic packages.
  • Automatic packages can be delegated.
  • Access permissions can be given as packages or separate permissions. The selection includes currently valid packages and separate permissions, and you can simultaneously select several packages or separate permissions.
  • Access permissions can also be given on the basis of user ID.

Video guidance on access permissions and authorisations in the e-Tax/e-Customs (in Estonian)

 

Discarding access permissions

  • You can discard your access permissions (excluding automatic access permissions). There are several options for doing so:

    • you can discard all packages and separate permissions at once;
    • you can select one or several packages or separate permissions that you wish to discard;
    • you can choose and insert the date of waiver or close your package immediately.

Delegation of access permissions

  • When giving an access permission to another person, you have the possibility to determine whether the access permission can be delegated or not. Access permissions granted to legal persons are always delegable.
  • An access permission can be delegated only once.
  • If you edit the access permission that is a basis for delegation, the permission delegated will change as well.

Cloning

The person who has the right to add access permissions (administration rights), can clone access permissions given to one person/user.

  • Access rights that are valid at present or in future are cloned.
  • When cloning, it is possible to change the start and end date of the validity period of access permissions.

Comparison of access permissions

  • To compare access permissions you have to hold the administrator rights.
  • If you have the administrator rights, you can compare the access permissions of two users at the same time.
  • The packages and separate permissions selected will be displayed in a comparative table as valid at the moment of viewing.

Favourites

The Favourites’ list of the person represented is displayed to the holder of administration rights. Favourites include both natural and legal persons.

  • Persons can be deleted from the Favourites’ list.
  • Persons can be added to Favourites on the access permissions page or upon granting an access permission.
  • From Favourites you can search persons by status or by name.

The user holding the administrator rights, i.e. the right of representative to administer the application user rights (P_EXTERNAL_USER), can view and administer access rights on behalf of the person represented.

The right of the representative of a person to administer the application user rights (P_EXTERNAL_USER) replaces the former D-authorisation.

Example. How can one company give access rights to another company
  • Representative A represents company A (has the right P_EXTERNAL_USER).
    Representative A (as the representative of company A) can view and administer access permissions on behalf of company A.
  • Representative B represents the accounting firm B (has the right P_EXTERNAL_USER).
    Representative B (as a representative of company B) can view and administer access permissions on behalf of company B.
    • Representative B has delegated the external user right (P_EXTERNAL_USER) to head accountant B.
      Head accountant B (as the administrator of the rights of company B) can also view and administer access permissions on behalf of company B.

On behalf of company A, representative A gives an Accountant’s package to accounting firm B
  • Based on the authorisation given by company A, representative B and head accountant B receive the administrator rights on behalf of company A (P_EXTERNAL_AUTHORITY_MANAGER).
  • Representative B and head accountant B get permission to represent company A within the authorisation granted.

    Head accountant B logs in as a representative of company A:
    • gives the Accountant’s package of person A to oneself,
    • gives the Accountant’s package of person A to accountant B.

The right of representation and access permissions on behalf of company A belong to:

  1. representative A – the right P_EXTERNAL_USER,
  2. person B – Accountant’s package,
  3. representative B – the right P_EXTERNAL_AUTHORITY_MANAGER,
  4. head accountant B – the right P_EXTERNAL_AUTHORITY_MANAGER and Accountant’s package,
  5. accountant B – Accountant’s package.

13.06.2019