Thank you for visiting our Partner Zone. This area is an exclusive space for MYOB Partners. Find out how to Partner with MYOB.
October 2022
October 2022
Hi @Mike_James
you've pointed me to the apisupport page? not sure what you are referring to by that link..? Iahave seen it and read it.. are you referring to the refresh token timout How long do access tokens & refresh tokens last? – Support for the MYOB family of SME product APIs
I know it is a week but not really the same as
Client Credentials Flow (auth0.com)
or
RFC 6749: The OAuth 2.0 Authorization Framework (rfc-editor.org)
which are really what I am hoping for...
apologies if I have misunderstood...
October 2022
October 2022
Hi @kjm , my response was too brief, but knowing that we (in our app) authorise with user interaction once, and thereafter by storing the refresh token to get a new access token when required, without user interaction, I thought the notes about that process from MYOB would assist you. I note that the refresh token lasts a week, down from a year originally.
I've been away from my office most of the last week, so my apologies in turn if this is not helpful.
Regards, Mike (mike@datawise.co.nz)
DataWise Limited (www.datawise.co.nz), developers of:
DataWise ProActive - Custom Reporting from MYOB programs
(MYOB Business, including AccountRight Live, AccountRight v19.x and exo Payroll)
Bulk download of attachments (more details...)
October 2022
October 2022
I appreciate any help/reply...certainly no need to apologise.
I wasnt aware the refresh token was for a week until I followed your link and did a search..lol
It would be great if MYOB could implement either the spec for client credentials flow as per Oauth2 or extend the refresh token to a month perhaps?
Any idea if the MYOB API developers read these forums? would be good to know what the plans are
October 2022
October 2022
Hi @kjm
I was under the impression - and this has been in place since the beginning - that the Access Token lasts 20 minutes - but each time you get an Access Token it updates the Refresh Token for another 7 days.
I have always worked on these parameters and my own VB code assumes this and always works that way.
Correct me if I am wrong but that has been the situation since I started writing and using by own code for at least 2 years.
My original code was written upto 2 years ago but I refreshed the code and it uses, and still uses 7 day expiry.
Regards The Doc
The Doc
October 2022 - last edited October 2022
October 2022 - last edited October 2022
yes that is what is described in their help
How long do access tokens & refresh tokens last? – Support for the MYOB family of SME product APIs
Get an access token and then keep using the refreh token for 7 days.
My issue ( and from quite a few other devs on the forum) is that along with apps used by humans we have background jobs running on schedules doing a variety of tasks
These, as the name suggests, run in the background without human intervention on servers etc.
OAuth2 spec accomodates this by use of client credential flow as link above in my other post
My issue is it would be great if myob would allow this credential flow so that I would not need to remote into server every 7 days to login. Not the end of the world but not ideal either
Peronally/imo setting the refresh token to to 1 year does not sound like it was ever a good idea..I know it is now 7 days but I think they were trying to use the refresh token (1year) to accomodate the client credential flow instead of implementing the actual client credential flow
completely my opinion only I am not basing that on any facts/info
If more than myself request this (and I know there are more than myself in this situation running background jobs) from myob we might have a chance they will actually look at implementing it
October 2022
October 2022
Hi @kjm
Am I missing something here - I too have systems running on servers that do not require human intervention - oh it might hang or the service gets a problem with the API - but I never have had to input logon details for over a year.
i.e. so long as you use the refresh token to get an access token under 7 days then no intervention is needed.
Unless of course you only need a task done at intervals greater than 7 days then yes you would need to logon - why not just build a task to refresh every < 7 days.
regards Howard
October 2022
October 2022
@The_Doc ok...that would be good. I have not tried letting it run for 7 days to see if a new access token is recieved. didnt realise that is what it did
that would solve my issues...thanks for that
3
|
262
|
|||
6
|
369
|
|||
5
|
653
|
|||
7
|
1197
|
|||
8
|
708
|