MYOB API Authentication Not Working
Hi, I've been struggling on and off for several weeks trying to get API access working outside of a postman environment using python scripts. I managed to get the initial token refresh request (to https://secure.myob.com/oauth2/v1/authorize/) working fine and my scripts recieve valid access tokens with every request.
My issue is when performing any other request other than refreshing the token, I am met with an unauthorized error and no additional information.
For a standard get request from the api, my request headers are as follows:
"Authorization": "Bearer " + cache["MYOB_ACCESS_TOKEN"],
"Cache-Control": "no-cache",
"Accept": "*/*",
"Accept-Endoding": "gzip, deflate",
"Connection": "keep-alive",
"x-myobapi-cftoken": cache["BASE64_CREDENTIALS"],
"x-myobapi-version": "v2",
"x-myob-api-key": cache["MYOB_API_KEY"]
These headers are exactly the same as those used in the postman environment (except for the cftoken) so I'm absolutely baffled as to what the issue with the authentication processes is.
An example of the requests attempting is as follows:
URL: {{company_file_uri}}/{{company_file_id}}/Sale/Invoice/Service
r = requests.get(url, headers=get_headers())
Interestingly, I've noticed that the refresh token response for my python requests is missing several attributes that are described in the API docs. My response only includes 'access_token' and 'scope', while the docs specify 'access_token', 'token_type', 'expires_in', 'refresh_token', 'user':{ 'uid', 'username'}; it is worth noting that these attributes do exist in the postman response for the refresh token request.
I have also noticed that this request does not work in postman or python.
https://secure.myob.com/oauth2/v1/Validate?scope="CompanyFile"