Hi @kjm , my response was too brief, but knowing that we (in our app) authorise with user interaction once, and thereafter by storing the refresh token to get a new access token when required, without user interaction, I thought the notes about that process from MYOB would assist you. I note that the refresh token lasts a week, down from a year originally.

I've been away from my office most of the last week, so my apologies in turn if this is not helpful. 

@Mike_James 

I appreciate any help/reply...certainly no need to apologise.

I wasnt aware the refresh token was for a week until I followed your link and did a search..lol

It would be great if MYOB could implement either the spec for client credentials flow as per Oauth2 or extend the refresh token to a month perhaps?

Any idea if the MYOB API developers read these forums? would be good to know what the plans are 

Hi @kjm 

I was under the impression - and this has been in place since the beginning - that the Access Token lasts 20 minutes - but each time you get an Access Token it updates the Refresh Token for another 7 days.

I have always worked on these parameters and my own VB code assumes this and always works that way.

Correct me if I am wrong but that has been the situation since I started writing and using by own code for at least 2 years.

My original code was written upto 2 years ago but I refreshed the code and it uses, and still uses 7 day expiry.

Regards The Doc

The Doc

@The_Doc 

yes that is what is described in their help 

How long do access tokens & refresh tokens last? – Support for the MYOB family of SME product APIs

Get an access token and then keep using the refreh token for 7 days.

My issue ( and from quite a few other devs on the forum) is that along with apps used by humans we have background jobs running on schedules doing a variety of tasks

These, as the name suggests, run in the background without human intervention on servers etc. 

OAuth2 spec accomodates this by use of client credential flow as link above in my other post

My issue is it would be great if myob would allow this credential flow so that I would not need to remote into server every 7 days to login. Not the end of the world but not ideal either

Peronally/imo setting the refresh token to to 1 year does not sound like it was ever a good idea..I know it is now 7 days but I think they were trying to use the refresh token (1year) to accomodate the client credential flow instead of implementing the actual client credential flow

completely my opinion only I am not basing that on any facts/info

If more than myself request this (and I know there are more than myself in this situation running background jobs) from myob we might have a chance they will actually look at implementing it

Hi @kjm 

Am I missing something here - I too have systems running on servers that do not require human intervention - oh it might hang or the service gets a problem with the API - but I never have had to input logon details for over a year.

i.e. so long as you use the refresh token to get an access token under 7 days then no intervention is needed.

Unless of course you only need a task done at intervals greater than 7 days then yes you would need to logon - why not just build a task to refresh every < 7 days.

regards Howard

@The_Doc ok...that would be good. I have not tried letting it run for 7 days to see if a new access token is recieved. didnt realise that is what it did 

that would solve my issues...thanks for that