When completing Authorization we can often encounter the error Invalid request. The error invalid request is generally caused when there is a mismatch of your details either between My.MYOB or within your app itself.
Most common causes for Invalid request errors:
- The redirect URI does not match the API key configuration in MY.MYOB (case and space sensitive) please ensure there are no spaces after the redirect URI in My.MYOB or your app along with a trailing slash. You can see in the screenshots below that there is a miss match in the redirect URI with the trailing slash.
- The code that is obtained during Oauth is single-use only. If you use this code and receive an error you will need to start the authentication again and obtain a new code. Please also note that the code needs to be URL decoded.
Double encoded redirect URL:
- The redirect_uri param is encoded twice or not at all. When exchanging the code, you need to POST x-www-form-urlencoded data to the server. Always set your content-type header to x-www-form-urlencoded and let that do the final encoding of the data.
To resolve this:
- Always decode the authorization code from the URL
- Always prepare your body using non-encoded content
- Always set your content-type header to x-www-form-urlencoded and let that do the final encoding of the data.
- One or more parameters are missing, incorrect, or badly formatted. Please ensure you have all the required parameters when completing the authorization. You can view the full documentation on our website for Authentication.
List all of the required parameters
GET Access tokens:
Get Refresh token POST:
If you are still receiving the error Invalid request error we recommend viewing the support article for How to complete end-user Authorisation.