Forum Discussion

SanBhat's avatar
SanBhat
Contributing User
4 years ago

MYOB API Logins

Hi MYOB dev team,

 

We have a question on the implementation.

 

Background:
We are using the open-access developer account. Our client has a file in the cloud (AccountRight). We are developing an MYOB solution for our client where they want to automate the invoice creation process using API's. Whenever a customer pays for their service, the website connects to their company file and create an invoice in it.

 

We have got it working. However, we have a few questions.

 

This is currently how we tested and developed
1) First time, the app asks for permission to access the company file. Company file's administrator login to their MYOB account and give access to company file and control redirects back to the requested site with Access code.

Q) Do we need the company's administrator to re-login again in future to give access to our app (for the access code) or do we need them only for the first time? They are not expected to re-login after the first time.

 

2) Application uses that Access code and get the access token (or can ask for refresh token if required)

 

3) Application uses Access token and Company file credentials (that we have saved in the web.config) to create the Invoice in their company file.
Q) What are the best practices to store the company file credentials? Are we supposed to ask our client for their company file credential?

 

We would really appreciate if you could help us or direct us to the right place.

Thanks
Sandeep

 

 

  • Hi SanBhat,

     

    Thank you for reaching out, Great to hear you are developing an MYOB solution. 

     

    1, Yes that is correct the Administrator would only need to complete the authentication once. Keep in mind you would need to store the refresh and access tokens so this can refresh the tokens so your Administrator would not need to complete Oauth again.  You can view our support note Here on refreshing access tokens. 

     

    The support note included above should cover question 2 and 3. you are also more than welcome to create an API support request with us here.

     

1 Reply

Replies have been turned off for this discussion
  • Hannah_B's avatar
    Hannah_B
    MYOB Moderator

    Hi SanBhat,

     

    Thank you for reaching out, Great to hear you are developing an MYOB solution. 

     

    1, Yes that is correct the Administrator would only need to complete the authentication once. Keep in mind you would need to store the refresh and access tokens so this can refresh the tokens so your Administrator would not need to complete Oauth again.  You can view our support note Here on refreshing access tokens. 

     

    The support note included above should cover question 2 and 3. you are also more than welcome to create an API support request with us here.