Forum Discussion

harvey1916's avatar
harvey1916
Contributing User
4 years ago

Unauthorized return

Hi i have a simple call to the api.com.myob but it returns unauthorized
here are the tokens needed.

also accessing this url
https://ar1.api.myob.com/accountright/20[Truncated]1

still returns unauthorized.

even calling https://ar1.api.myob.com/accountright/20[Truncated]1/CurrentUser return Unauthorized.
I am using Sandbox Demo 9.

please help


  • Hi harvey1916,

     

    Thanks for reaching out, There are a couple of different reasons that can cause the error 401 Unauthorised. What we find is one of the main reasons that would break this connection and return the error 401 Unauthorized or cause us to change the x-myobapi-cftoken header, Is if the client has enabled SSO (Single sign on). When the client enables SSO this means they only need to log into the AccountRight file using there my.myob email and password and the username and password is not linked and not required. From an API point of view, if the client enabled SSO we no longer need to pass the x-myobapi-cftoken header. A good way to test this is to remove the header and completed a request. If this did not resolve the issue then we would be looking to see if the client had updated their password. I had a look at our Sandbox demo 9 file and could see that SSO had been enabled. I have disabled SSO on that file if you could try a request again and see if you get the same error.

     

    Here is a support note with some more information on SSO https://apisupport.myob.com/hc/en-us/articles/360001479716-Single-Sign-on-SSO-and-cftoken

     

    If the above does not resolve the error you can create a support request with us HERE.

     

    Thanks, 

  • Hannah_B's avatar
    Hannah_B
    MYOB Moderator

    Hi harvey1916,

     

    Thanks for reaching out, There are a couple of different reasons that can cause the error 401 Unauthorised. What we find is one of the main reasons that would break this connection and return the error 401 Unauthorized or cause us to change the x-myobapi-cftoken header, Is if the client has enabled SSO (Single sign on). When the client enables SSO this means they only need to log into the AccountRight file using there my.myob email and password and the username and password is not linked and not required. From an API point of view, if the client enabled SSO we no longer need to pass the x-myobapi-cftoken header. A good way to test this is to remove the header and completed a request. If this did not resolve the issue then we would be looking to see if the client had updated their password. I had a look at our Sandbox demo 9 file and could see that SSO had been enabled. I have disabled SSO on that file if you could try a request again and see if you get the same error.

     

    Here is a support note with some more information on SSO https://apisupport.myob.com/hc/en-us/articles/360001479716-Single-Sign-on-SSO-and-cftoken

     

    If the above does not resolve the error you can create a support request with us HERE.

     

    Thanks,