An application must be registered with the MYP API service before it can authenticate. To register an application, follow the steps outlined in this article.
To register an application with the MYP API, you must be an MYP Subscriber with relevant API permissions. Your MYP Champion can assign these permissions where required.
To register an application:
- Log in to MYP
- Navigate to ARM Pro > Administration > API applications via the side navigation menu
- Select ‘Add API application’
- Enter the application details:
  - Application name: the name of your application
  - Organisation URL: the URL of your organisation or application
- Select ‘Generate keys’ to generate the client_id and client_secret keys
After the application has been successfully registered, you will receive a client_id and a client_secret, which are required to obtain an access token.
NB: The client secret is like a password for your application. Once generated, the client secret cannot be retrieved, so save it in a secure location. If you lose the client secret, you will have to re-register your application.
- If you would like to redirect users to more than one URL after they log in, select ‘Add’ (the ‘+’ icon next to ‘OAuth redirect URL’) to add more redirect URLs
- Select ‘Save’ to finish registering the application
Get access token
When an application needs to use the MYP API to access business data, it needs an access token for authentication. The access token can be obtained from our Authentication Endpoint by using the client id and client secret that were generated when the application was registered.
To obtain the access token, a POST API request needs to be sent with the following headers and body values:
||The request format.
||The id for your application which was generated on registration.
||The secret for your application which was generated on registration.
||Method by which application gets an access token.
||List of scopes, separated by spaces, that the application is requesting access to.
Here is an example JSON response:
"scope": "client.read contact.read contact.write staff.read"
- “access_token”: a JSON web token (JWT) that should be passed as a parameter when calling the MYP API
- “expires_in”: how long the token is active for (in seconds), after it has been created
- “token_type”: the type of JWT
- “scope”: the level of access the application has
NB: After the token has expired, you will need to obtain a new access token to call the MYP API.
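One way a client could handle the response fields described above, shown as an added example that is not MYP's own code: it reuses the token until shortly before `expires_in` elapses and refuses to continue if a scope the application depends on was not granted. The `fetch_token` callable (which would send the token POST and return the parsed JSON), the 30-second margin and the sample response are assumptions made for this example.

```python
import time


class TokenCache:
    """Reuses an access token until shortly before its expires_in elapses."""

    def __init__(self, fetch_token, required_scopes, skew=30, clock=time.monotonic):
        # fetch_token is a hypothetical callable: it sends the token POST
        # described above and returns the parsed JSON response as a dict.
        self._fetch = fetch_token
        self._required = set(required_scopes)
        self._skew = skew            # assumed safety margin, in seconds
        self._clock = clock
        self._token = None
        self._expires_at = 0.0

    def get(self):
        """Return a usable token, requesting a new one if the old one expired."""
        if self._token is None or self._clock() >= self._expires_at:
            self._refresh()
        return self._token

    def _refresh(self):
        requested_at = self._clock()
        resp = self._fetch()
        token = resp.get("access_token")
        if not isinstance(token, str) or not token:
            raise ValueError("token response has no access_token")
        expires_in = resp.get("expires_in")
        if isinstance(expires_in, bool) or not isinstance(expires_in, (int, float)) or expires_in <= 0:
            raise ValueError("token response has no usable expires_in")
        # "scope" is a space-separated list; fail early if a scope the
        # application depends on was not granted.
        missing = self._required - set(str(resp.get("scope", "")).split())
        if missing:
            raise PermissionError("scopes not granted: " + " ".join(sorted(missing)))
        self._token = token
        self._expires_at = requested_at + max(expires_in - self._skew, 0)


if __name__ == "__main__":
    def constructed_response():  # constructed sample, not real MYP output
        return {"access_token": "example-token", "expires_in": 3600,
                "scope": "client.read contact.read contact.write staff.read"}

    cache = TokenCache(constructed_response, ["contact.read", "staff.read"])
    print(cache.get() == cache.get())  # second call reuses the cached token
```

Keeping the token in memory only, and measuring its lifetime from the moment the request was sent, avoids both writing the token to disk and using it after it has expired.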
Below are the scope options that can be requested from the MYP Authorisation server if the Client has been given permission to access them:
||Read access for Client end point
||Read access for Contact end point
||Read access for Staff end point