MYOBCommunity
Partner Zone
|
|
Partner Zone

AccountRight Live API Company file authentication

3 REPLIES
MYOB Staff Post DeveloperJack
141 Posts
MYOB Staff Post
Australia
DeveloperJack
MYOB Staff Post

141Posts

30Kudos

21Solutions

Re: AccountRight Live API Company file authentication

Hi there @gihan,

It sounds like a great use for setting up user roles within your company files. We have a help guide on how to do this in-product: http://help.myob.com/wiki/display/ar/Set+up+roles

 

The x-myobapi-cftoken header is how you login to a given file, and we have a best practice guide for company file authentication (http://developer.myob.com/api/accountright/best-practice-guides/company-file-authentication/) that may help you implement this workflow.

 

Hope this helps!

 

Jack

 

Jack Skinner
MYOBapi Evangelist

Are you a developer? Check out http://developer.myob.com
Looking for an Add-on? Check out http://myob.com/addons/
Partner gihan
2 Posts
Partner
Australia
gihan
Partner

2Posts

0Kudos

0Solutions

Re: AccountRight Live API Company file authentication

Hi @HelenB,

 

Thanks a lot for your detailed response and guide me in the right direction. 

 

Is it possible to store multiple tokens for multiple company files belong to different serial numbers in the same token file and retrieve when required to make a call? 

 

What I want to do is create a generic service account inside each of the company files with just enough permission to read company information (ABN) and Employee Data, Payroll report data with other reference data required for payroll. Does this account needs to be as same as developer login ID or can it be a different one? 


Then perhaps I can develop a configuration screen (to be used by a tech operator who'll install and configure the app I'm developing) where it lists all company files, which this generic service account has access to.  And then prompts to select and login into each file once and save the resulting tokens in a central file, obviously with an indicator to identify which tokens belong to which company file to be used later with subsequent API calls when retrieving actual payroll data.

 

Let me know if I'm stepping in the right direction with this or not. 

 

Thanks again.

 

MYOB Staff Post HelenB
264 Posts
MYOB Staff Post
New Zealand
HelenB
MYOB Staff Post

264Posts

213Kudos

61Solutions

Accepted Solution Solved Solution

Re: AccountRight Live API Company file authentication

Hi @gihan

 

Thanks for reaching out to us and welcome to the community forum. Your customer will always have to use OAuth, You could use an initial standalone configuration page/screen to complete the OAuth steps. Behind the scenes, however, you could securely store the access and refresh tokens for accessing the API. When an access token expires, simply refresh it (see refresh tokens in our docs). The refresh/access token API call to secure.myob.com does not require the user to login - it uses the refresh token to generate a new access token.
Both access and refresh tokens have expiries (access tokens are generally 20 minutes while refresh tokens are usually months/years); so yes they have expiries like sessions, but they should still work for a headless/CLI app such as what you're building.
Overall this means that you should:


• Oauth once, and exchange the access code for access/refresh tokens
• Securely store the access/refresh tokens for your headless app/sync/CLI tool.
• Continue using that access token until just before expiry
• Refresh the token (using the refresh token) and store the new access/refresh token.
• Rinse and repeat. 

 

If you have any further questions, feel free to reach out to us at developers@myob.com.

 

Thanks

 

@HelenB
Helen Brophy
MYOB Developer Support

Are you a developer? Check out http://developer.myob.com
Looking for an Add-on? Check out http://myob.com/addons/
Partner gihan
2 Posts
Partner
Australia
gihan
Partner

2Posts

0Kudos

0Solutions

Solved: Go to Solution

AccountRight Live API Company file authentication

Hi,

I'm new to this forum and using Live API so apologies in advance if this has been answered previously, but I couldn't find a correct answer searching through the forum. 

 

I'm trying to develop a console application using .Net SDK to extract Payroll data from several company files which are placed online. And this application needs to run on a weekly schedule automatically without any user interaction or intervention. 

 

In this scenario how to authenticate to online company file avoiding the prompting of the online MYOB login page (Oauth2 login) to get an access token to be used in subsequent API calls? Can this step also be automated using online user credentials stored in a secure configuration file? 

 

I tried the C# and VB.Net sample applications and got them working in my dev environment to connect to local files without Oauth2. I assume when using Cloud flag (Oauth2), it would still require an end user to login using the Oauth2 login screen first to grant an access token to the app. 

 

Is it possible to setup a common service login across all company files and use this login in the program to authenticate against the live API? 

 

Thanks

Didn't find your answer here?
Try using advanced search to find a post more easily Advanced Search
or
Get the conversation started and make a new post Start a Post