Windows Mobile app
AccountRight Live API
To demonstrate how to handle the authorisation process i.e. handling the process where a user allows your application to access their MYOB Company File data hosted "in the cloud".
Getting Started
Before running this application on a device or emulator it is necessary to register an application (use http://desktop
as the Redirect Url) and then amend the supplied client_id
and client_secret
in the Configuration.cs file.
Code Description
It is assumed the developer examining this code is familiar with .NET development on the windows phone platform, however the ideas tested here can be easily transferred to other platforms.
This is not a full application and may require extra error handling to make it production ready; contributions from the community will be accepted.
Step 1
First it is necessary to get the user to grant your application access to their data, this process eventually leads you to a stage where you will have a OAuth token that can be used to access the AccountRight Live API (see Getting Started Documentation).
The sample application uses a hosted browser to extract a code from the returned HTML once the user has granted your application access to their data (see OAuthLogin_Navigated
in MainPage.xaml.cs.)
Step 2
Once you have a code it it necessary to use that code
to fetch an OAuth token that you can use to make requests to the users company files.
This is done by making a request to https://secure.myob.com/oauth2/v1/authorize
as detailed in the Authentication documentation (see OAuthRequestHandler.)
Step 3
Now that we are in possesion of an OAuth Token
we can use this token to make requests against the AccountRight Live API. The token is used in the Authorization header (see ApiRequestHandler) along with other headers such as x-myobapi-key
and x-myobapi-cftoken
to access the api.
Recommendations
We recommend that when accessing the API that you attempt to use compression in your requests to improve performance and to reduce the data delivered to your clients; this is especially important on mobile devices where bandwidth and data download limits apply. Use the header Accept-Encoding set to gzip in your requests and check for the header Content-Encoding
set to gzip in the response.