Service Providers and clients must create separate OH|ID login credentials
With the Gateway's integration with the State of Ohio's new identity management system, OH|ID, each Gateway user is now required to create an OH|ID that represents them as an individual. This is a change from the previous system — OH|IDs are associated with an individual user, not a company or business account. In other words, OH|IDs are "user-based" not "business-based."
This change aligns with the latest in security best practices and allows for verification of and tracking that the individual who is filing a transaction has the appropriate permissions to file on behalf of the business account. Never share your OH|ID username or password as the credentials represent you as an individual practitioner; they do not represent your employer's or client's business account. Logging in with an OH|ID created by a client means that the Gateway will record that your client, not you, filed the transaction and poses a security risk both for your client and yourself.
Service Provider cannot assist a client who does not have access to their own business account.
A service provider can not assist their client with filings on the Gateway if the client does not have their own access (username and password) to their business account. Only authorized users that are associated with a business account are allowed access to research or file on that account.
Service Provider can file a transaction on behalf of a client
The Service Provider can file a transaction on behalf of a client but must save the transaction in "ready for check out". The client will then login, resume the "ready for check out" filing and submit with payment.
Service Providers can remove employee's access to multiple business accounts including client accounts and the service provider's account in the event they leave the firm or their employment is terminated.
Direct Filing Administrators (users who have a Filing Administrator role on their employer's business account) can remove an employee's access to all business accounts to which they have access by utilizing the Gateway's "terminate" functionality. Once logged into the Gateway, confirm the business listed in the Business Account dropdown is the business which employs the individual being terminated. Click on the "Lock" icon in the upper right-hand corner. Then, click on the Account Access Requests tab and scroll down to the Account Access table. Locate the name of the individual being terminated and, under the Actions column, click the "Terminate" icon. The individual will still appear in the Account Access table but will now have a status of "Inactive." The individual's access to all business accounts with which they are associated — both their employer's and any client accounts to which they had access — is now removed.
Please note, if the individual has access to any personal business or additional employers' accounts, taking these steps will remove their access to those business accounts as well. The individual would need to log into the Gateway to re-request access to those business accounts.
If the "Terminate" icon does not appear next to the individual's name, that means they are set-up as an employee of another business account in the Gateway. Currently, users cannot be designated as employees of more than one business account. In this case, click the "Deactivate" icon next to their name. The individual will still appear in the Account Access table but will now have a status of "Inactive." The individual's access to the business account listed in the Business Account dropdown is now removed. To remove the individual's access to additional business accounts for which you are a Filing Administrator, select the applicable business name from the Business Account dropdown, click the "Go" button and repeat the steps to deactivate their access.