Forum Discussion

The_Doc's avatar
The_Doc
Ultimate Cover User
4 years ago

Token getting process

Hi MYOB

 

Steven on the general forum mentioned there was (is) changes happening in the logon process of opening an online MYOB file 

 

i.e. that the pasword field now is only visible after you enter an email and I assume it gets checked for authenticity - and you are offered a password logon field if the email is registered?

 

Steven did say  that there was on-going changes in security procedures being developed?

 

Can you confirm or at least give some sort of heads up whether this will affect/change the current procedure for an API access to an online file.

 

i.e. 

 

1. establish a connection with a legitimate authenitcated logon (which requires a manual 2FA) process - fully manual (and for security reasons cannot be automated)

 

2. Once the manual process is successful - an Access Code is issued (life = 20 minutes) 

 

3. Access Code exchanged for Access Token (life = 20 minutes)  and a Refresh Token (Life = 7 days)

 

4. The Access Token is then used along with the file administrator password to access the data in the file via the API

5. The process can continue automatically (without further manual intervention) - so long as your Access Token is current (done by essentially always using the Refresh Token to get a new Access Token) 

 

Can you confirm this procedure will remain or is MYOB in the process of changing this?

 

The Doc

  • Han-Solo's avatar
    Han-Solo
    MYOB Moderator
    4 years ago

    Hi The_Doc,

     

    Thanks for reaching out. Yes that is correct, changes have been made to the login window of the AccountRight company file however via the API there is no change. Keep in mind the user setting option from the UI under Setup >> User Access >> Link My.myob, will still need to be left unticked so the CFtoken header is required. 

     

    Yes, the process will remain the same as far as we have been advised. If there are any changes to the API this will be communicated to the community. 

     

    Let us know if you have any questions, 

     

     

     

Looking for something else?

Search the Community Forum for answers or find your topic and get the conversation started!

Community home

Dig into MYOB Academy for free courses, learning paths and live events to help build your business with MYOB.