Hello, if I am building CRM that push data from the CRM to Myob for every different customer, in the section of
x-myobapi-cftokenI need to ask the customer his name and password to MYOB and encode it? (not make sense for me ).
or i just need to put my details for the user that make this app?
The Access Token that you use to make http requests to MYOB is associated with an "online file user" with a my.myob account. If that my.myob account is associated with a Company File User (in MYOB, Manage Users, select "this user will sign on with a my.MYOB account") you don't need the x-myobapi-cftoken. It's the same as when you are using AccountRight Live, if the company file user is linked to your my.myob account you log in through my.myob and don't see the Company File User login screen.
When the my.myob account that's getting the Access Token is linked to a Company File User you can just leave the x-myobapi-cftoken header out of your http request message. The Access Token authenticates the Company File User through the Online File User.
It is the user's credentials to access their MYOB datafile.
See here for details:
https://developer.myob.com/api/accountright/api-overview/authentication/
