Invalid request getting access token

This thread is now closed to new comments.
Some of the links and information provided in this thread may no longer be available or relevant.
If you have a question please start a new post.
2 REPLIES 2
Highlighted
Ultimate Partner
4,472 Posts
Ultimate Partner
New Zealand
Ultimate Partner

4,472Posts

2,010Kudos

561Solutions

Re: Invalid request getting access token

Hi @CPSVu , maybe the Postman collection for AccountRight would help you?


Regards, Mike (mike@datawise.co.nz)
DataWise Limited (www.datawise.co.nz), developers of:
DataWise Report Writer - Custom Reporting from MYOB programs
(Including AccountRight Classic/Live, and exo Payroll)

Highlighted
2 Posts
User
User

2Posts

0Kudos

1Solutions

Accepted Solution Solved

Re: Invalid request getting access token

I figured it out. I'll leave the solution here for users who may run into the same issue.

 

I used a very dodgy method of retrieving the code without a web socket, which was using a Chrome extension to modify headers of my access code request in order to log in (which requires browser). Then I got the code directly from Chrome's URL bar. This means the code is URL encoded, hence my invalid request. I decoded the URL and send the request again (with a similarly unencoded Redirect URI) and got the access token.

 

I had to do the "Chrome-based modified-header request" thing because I was only trying to log in as a developer, not using any web interface for users with a public facing URL that could be redirected to. Could not find any existing solution for it. It would help if MYOB support could chime in with a better solution to retrieving the code. 

Highlighted
2 Posts
User
User

2Posts

0Kudos

1Solutions

Solved: Go to Solution

Invalid request getting access token

I have been trying to get the MYOB access code using my API keys for two days to no avail...

 

I got the access code from `https://secure.myob.com/oauth2/account/authorize`, passing my client_id (API key), redirect URI (URL encoded), scope. At first I got  the "DeveloperInactive" error but by adding `x-myobapi-key` in the headers (the same API key as in client_id) that has gone away.

 

Now I have a different problem. Using the `code` from previous, I created this get_access_token script (in python)

```

data = {
'client_id': 'q[redacted]y',
'client_secret': 'Z[redacted]z',
'scope': 'CompanyFile',
'code': 'Wkb[redacted]', # what I got from the previous step
'redirect_uri': '[redacted]',
'grant_type': 'authorization_code'
}

headers = {
'Content-Type': 'application/x-www-form-urlencoded'
}

resp = requests.post(url, data=data, headers=headers)
print(resp.content)
```
 
this simply returns `'{"error":"invalid_request"}'`
 
I am new to this process and I'm not sure how the request can be invalid. I have tried many combinations of the redirect_uri and the code being url_encoded or not. I simply want to access the company files. Hope someone can enlighten me. Thanks.

Didn't find your answer here?

Try using advanced search to find a post more easily Advanced Search
or
Get the conversation started and make a new post Start a Post