Authorizing Client Applications to Work with MYOB Acumatica
MYOB Acumatica supports the OAuth 2.0 mechanism of authorization and OpenID Connect (OIDC) authentication protocol for applications that are integrated with MYOB Acumatica through web services application programming interfaces (APIs) or OData. When a client application of MYOB Acumatica uses OAuth 2.0 or OIDC, the client application does not operate with the MYOB Acumatica credentials to sign a user in to MYOB Acumatica; instead, the application obtains an access token from MYOB Acumatica and uses this token when it requests data from MYOB Acumatica.
Depending on the flow that the client application implements, the client application either has no information on the credentials of an MYOB Acumatica user or uses this information only once to obtain the access token. OAuth 2.0 or OIDC improves the security of the MYOB Acumatica data accessed by the application and simplifies the management of access rights.
The client application that implements OAuth 2.0 or OIDC can use one of the authorization flows supported by MYOB Acumatica, which are the following:
- Authorization Code (OAuth 2.0 and OIDC)
- Implicit (OAuth 2.0 and OIDC)
- Resource Owner Password Credentials (OAuth 2.0)
- Hybrid (OIDC)
In this part, you can find details on the authorization flows and information about how to register the OAuth 2.0 or OIDC client applications and revoke access of the applications.