2AU.00.35
35
A user with valid credentials that is not authorised to share data should still be able to successfully authenticate. This may include a user that not a nominated representative, or is otherwise ineligible to share data. In this situation, the user should be able to successfully authenticate before seeing details in the authorisation flow outlining that they cannot share data, which may include a list of unavailable accounts and instructions on how to gain the ability to share data. A user that is ineligible or not a nominated representative should not fail at the point of authentication where they otherwise have valid credentials and meet the necessary criteria to successfully authenticate.
Authenticate: Redirect to Web with One Time Password
22 September 2025