Authorizing Client Applications to Work with MYOB Advanced

MYOB Advanced supports the OAuth 2.0 authorization mechanism for applications that are integrated with MYOB Advanced through an application programming interface (API) or the OData interface. When a client application of MYOB Advanced uses OAuth 2.0 authorization, the client application does not use MYOB Advanced credentials to sign a user in to MYOB Advanced; instead, the application obtains an access token from MYOB Advanced and uses this token when it requests data from MYOB Advanced.

Depending on the OAuth 2.0 flow that the client application implements, the client application either has no information on the credentials of an MYOB Advanced user or uses this information only once to obtain the access token. The OAuth 2.0 mechanism of authorization improves the security of the MYOB Advanced data accessed by the application and simplifies the management of access rights.

A client application that implements the OAuth 2.0 or OpenID Connect (OIDC) authorization mechanism can use one of the following authorization flows, which are supported by MYOB Advanced:

  • Authorization code (OAuth 2.0 and OIDC)
  • Implicit (OAuth 2.0 and OIDC)
  • Resource owner password credentials (OAuth 2.0)
  • Hybrid (OIDC)

In this chapter, you can find details on the authorization flows and information about how to register OAuth 2.0 or OIDC client applications and how to revoke the access of these applications.