Connected Applications

Form ID: (SM303010)

You use this form to register OAuth 2.0 or OpenID Connect (OIDC) client applications in MYOB Advanced; you can also use the form to review the access settings of an application and to revoke the access that has been granted.

Form Toolbar

The form toolbar includes standard and form-specific buttons and commands. For the list of standard buttons, see Form Toolbar and More Menu. The form-specific commands are listed in the following table.


Button	Description
Revoke Access	Revokes the access that has been provided to the application. When you invoke this action, the system removes from the database all access tokens generated for this application, and the application cannot access data in MYOB Advanced by providing any of these tokens. Note: If the access formerly granted to the application is revoked, the secrets that were configured for this application on the Secrets tab of the form remain valid (until their expiration date, if applicable), and the application can use these secrets to request an authorization token again.
Authorise Velixo	Adds your Velixo Reporting records to MYOB Advanced. Note: To add Velixo Reporting generic inquiries, you can use the Microsoft Excel add-on, which requires a Velixo Reporting licence that is paid for separately from MYOB Advanced.

Summary Area

In this area, you can register a client application to which you want to grant access or select a registered application and then edit its access settings.


Element	Description
Client ID	The automatically generated ID of the client application. MYOB Advanced generates this ID when you save a new client application on the form; you cannot enter the value of this field manually for a new client application. The client application uses this ID during authentication in MYOB Advanced. The format of the client ID is `<GUID>@<Company_ID>`, where `<GUID>` is an auto-generated string, and `<Company_ID>` is the ID of the company to which data the client application can request access. This company ID is the ID of the company to which the user who registered the client application was logged in at the time of registration. To view the settings of an existing client application, select the identifier of the client application in this box.
Client Name	Required. The name of the client application.
Active	A check box that indicates (if selected) that the registration of this client application is active and the application can access MYOB Advanced by using the provided client credentials. By default, the check box is selected.
Flow	The flow that is used by the client application for authentication in MYOB Advanced. The flow can be one of the following options: Authorization Code: The client application uses the OAuth 2.0 or OIDC authorization code flow. For details on the authorization code flow, see Authorization Code Flow. Implicit: The client application uses the OAuth 2.0 or OIDC implicit flow, described in Implicit Flow. Resource Owner Password Credentials: The client application uses the OAuth 2.0 resource owner password credentials flow. For information about the flow, see Resource Owner Password Credentials Flow. Hybrid: The client application uses the OIDC hybrid flow (see Hybrid Flow).
Plug-In	The plug-in that contains custom claims. Acumatica can provide such plug-ins in customization projects.

Secrets Tab

You use this tab to add secrets, which are used during application authorization, for the selected application. You can use one secret or multiple secrets for the selected application. For an already-registered client application, you can also edit and delete the secrets that have been defined on this tab.

Note: The system ignores secrets for an application with the Implicit flow, so you should not add secrets in this case.

Table 1. Table Toolbar
The table toolbar includes standard buttons and buttons that are specific to this table. For the list of standard buttons, see Table Toolbar. The table-specific buttons are listed below.
Button	Description
Add Shared Secret	Opens the Add Shared Secret dialog box, which you can use to add a secret of the Shared Secret type to the list of secrets of the client application on this tab.

Table 2. Table Columns
Column	Description
Type	The type of the secret. Currently, Shared Secret is the only supported type.
Description	The description of the secret.
Expires On (UTC)	The date and time when the secret expires. Expired secrets remain in the table rather than being deleted automatically.

Table 3. Add Shared Secret Dialog BoxIn the Add Shared Secret dialog box, you can create a secret of the *Shared Secret* type for the application.
Element	Description
Description	Required. The description of the secret.
Expires On (UTC)	The date and time when the secret expires. Expired secrets remain in the table on Secrets tab rather than being deleted automatically.
Value	Required. The value of the secret. The value is generated automatically by the system when you open the dialog box to create a shared secret. To be authorized in MYOB Advanced, the client application must provide this value along with other authorization parameters. Important: For security reasons, the value of the secret is displayed only once: during the creation of the secret in this dialog box. You should copy and save this value before you close the dialog box.
The dialog box has the following buttons.
OK	Closes the dialog box and adds the new secret to the table on the Secrets tab.
Cancel	Closes the dialog box without creating a secret.

Redirect URIs Tab

You use this tab to add or remove the unique resource identifiers (URIs) to which the client application is redirected after the user is authenticated in MYOB Advanced and grants access to the application.

Note: A redirect URI is not necessary if you are registering a client application with the resource owner password credentials flow (that is, a client application with Resource Owner Password Credentials selected in the Flow box of the Summary area).

The table toolbar includes only standard buttons. For the list of standard buttons, see Table Toolbar.

Table 4. Table Columns
Column	Description
Redirect URI	The URI to which the client application should be redirected after the user is authenticated in MYOB Advanced and grants access to the application. The redirect URI must be absolute and must not have the fragment part (the part preceded with #). The system compares this URI with the URI specified in the authorization request of the client application, and if these URIs are not identical, redirection fails.

Claims Tab

You use this tab to select the claims that are to be returned in the response to the client application. The table contains standard claims (those defined in MYOB Advanced) and custom claims (those defined in the selected plug-in).

The table toolbar includes only standard buttons. For the list of standard buttons, see Table Toolbar.

Table 5. Table Columns
Column	Description
Active	A check box that indicates whether the claim should be returned in the response to the client application. By default, the check box is selected.
Claim Name	The name of the claim.
Scope	The scope that the claim belongs to.
Plug-In	The plug-in in which the claim is defined. For a standard claim, the value is Built-in. For a custom claim, the value is taken from the Plug-In box of the form.
Description	The description of the claim.