Quite a common question as more and more people build solutions that read, write and process data on behalf of a user when they are not in front of the computer.
The short answer is Yes.
The longer answer is No.
Authentication & Tokens
MYOB uses OAUTH 2 (code flow) as the framework to allow the granting of permission to read or write data over the API. This grant process is the only time the user needs to be actively involved, they need to provide their permission. This happens once during setup and there is no way around this. You must build tools/services to allow a user to explicitly grant permission.
After that, you have the access_token and refresh_token to enable your solution to read and write data while the user is not involved.
So yes, you can use the API without the user being involved all the time. However no you can't use the API without the user ever logging in - at least once.
You do not need to authorise every time to connect via the MYOB api.
Please sign in to leave a comment.