We're introducing a new way to connect to EFRIS. TaxBridge now generates your cryptographic identity automatically—you just upload to the URA portal. What used to take 30+ minutes now takes under 5 minutes.
Connecting to EFRIS typically requires generating cryptographic keys, creating certificates, calculating thumbprints, and manually registering everything with URA. Today, we’re introducing Managed Identity Onboarding—a streamlined “Connect URA” wizard that handles the technical complexity for you.
What We’re Introducing
Managed Identity Onboarding transforms EFRIS certificate setup into a simple 3-step process:
Step 1: Generate Identity
TaxBridge generates a secure RSA 2048-bit key pair and a 10-year X.509 certificate for your business. You can optionally protect your private key with a custom passphrase for enhanced security.
Step 2: Register on Portal
Download your digital certificate (.cer file) and copy your SHA-1 thumbprint. You then log into the URA EFRIS portal and register your system integration. During this step, the URA portal will assign you a unique Device Number.
Step 3: Verify Connection
Enter the Device Number assigned by URA back into TaxBridge. We perform an atomic T104 handshake with the URA servers to confirm that your digital signature is valid and your connection is live.
Why This Matters
Setting up EFRIS integration has traditionally been a high-friction process. Most business owners are not cryptographers, and manual key generation often leads to format errors, weak keys, or mismatched certificates that delay compliance.
With Managed Identity, we automate the “Gold Standard” cryptographic setup:
- RSA 2048-bit keys (strict URA requirement).
- SHA-256 with RSA certificate signatures.
- AES-256 encryption for private key storage.
You focus on the legal requirement—manually uploading the certificate to the URA portal to establish non-repudiation—and we handle the complex math.
How It Works
When you choose the Managed Identity flow in the TaxBridge Portal:
- Digital Identity Generation: Our backend creates your keys and certificate following strict Ugandan fiscal standards.
- Interactive Guide: We provide step-by-step instructions for the URA portal registration, including a one-click download of the required
.cerfile. - Real-time Verification: Once you’ve registered with URA and provided your device number, we verify the integration immediately. No more guessing if your credentials work.
Two Ways to Connect
TaxBridge remains flexible for all businesses. We support both onboarding methods simultaneously:
- Managed Identity (New): Recommended for new integrations. We generate everything to ensure technical correctness.
- Manual Upload: If you already have a pre-existing certificate and device number registered with URA, you can simply upload your private key as before.
Security & Compliance
Security is at the heart of Managed Identity. All private keys are encrypted at rest using industry-standard AES-256. By requiring you to manually upload the generated certificate to the URA portal, we ensure that your integration remains legally non-repudiable and fully compliant with EFRIS regulations.
Try It Out
Managed Identity is now available for all new taxpayer signups. When you add a new business to your TaxBridge workspace, select “Managed Identity” to use the new streamlined flow.
If you have technical questions or need assistance during the URA portal registration, our specialized support team is ready to help.
Questions? Contact us at support@taxbridge.app or check out our documentation.