Authentication and authorization

Your server-side app will use QuickBooks Online OAuth libraries or endpoints to implement the OAuth 2.0 authorization that allows your apps to access QuickBooks Online APIs. OAuth 2.0 lets an application access specified user data without requiring access to a user’s private credentials. This means that an application can use OAuth 2.0 to obtain permission from a QuickBooks Company admin to read and write data to their QuickBooks company.

This OAuth 2.0 flow is designed to allow your app to access the QuickBooks Online API whether the user is interacting with the application or not.

Code samples and SDKs

Here are some code samples and SDKs with client libraries that can help you implement OAuth 2.0.

OAuth 2.0 sample integrations included in SDKs:

Sample OAuth 2.0 implementations that are SDK independent:

Note

OAuth 1.0 is deprecated and should no longer be used. See Get started below for more information.

Get started

To begin, get your OAuth keys from the Keys tab of your app in your Intuit Developer account. Your app uses these keys to get an access token from the Intuit OAuth service. The token gives the app access to the QuickBooks company that the admin user authorizes.
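How a server-side app uses its OAuth keys in a standard OAuth 2.0 authorization code flow (RFC 6749), as an added example that is not Intuit's code or SDK. The endpoint URL, scope name, and key values are placeholders, and HTTP Basic client authentication on the token request is an assumption taken from the RFC; take the real values from Intuit's OAuth 2.0 documentation.

```python
import base64
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Placeholders (assumptions): the real endpoint URL and scope names come from
# Intuit's OAuth 2.0 documentation; the key values come from the app's Keys tab.
AUTHORIZE_URL = "https://authorization-endpoint.example/oauth2"
CLIENT_ID = "CLIENT_ID_PLACEHOLDER"
CLIENT_SECRET = "CLIENT_SECRET_PLACEHOLDER"  # server-side only, never sent to a browser
REDIRECT_URI = "https://app.example/oauth/callback"


def build_authorization_url(scope):
    """Return (url, state). Keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # unguessable, one per authorization attempt
    query = urlencode({
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": scope,
        "redirect_uri": REDIRECT_URI,  # must match the registered Redirect URI
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def handle_callback(callback_url, expected_state):
    """Validate the redirect back to the app and return the authorization code."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise PermissionError(f"authorization denied: {params['error'][0]}")
    returned = params.get("state", [""])[0]
    # Constant-time comparison. A mismatch means this session did not start the
    # redirect (CSRF), so the code must not be exchanged.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise PermissionError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def token_request(code):
    """Return (headers, body) for the code-for-token POST; nothing is sent here."""
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    headers = {"Authorization": f"Basic {basic}",
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI})
    return headers, body
```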

OAuth 1.0 will be disabled as of December 17, 2019. If you are currently using OAuth 1.0 for your apps (including apps still under development), be sure you migrate to OAuth 2.0 and (if applicable) OpenID Connect by December 17, 2019.

The information below helps you to identify which OAuth stack your app is using.

| Item | OAuth 1.0a | OAuth 2.0 |
|---|---|---|
| Keys | OAuth Consumer Key, OAuth Consumer Secret on app’s Keys tab. Note: App Token on Keys tab is unused. | Client ID, Client Secret on app’s Keys tab |
| URI to serve OAuth requests | oauth_callback query parameter in get_request_token processing, in your code. | Redirect URI on app’s Keys tab |
| URI to serve Intuit Single Sign-On requests | OpenID URL on app’s Settings tab | Connect Request URL on app’s Settings tab |
| Playground | OAuth 1.0a playground | OAuth 2.0 playground |
| Identity authentication | OpenID 2.0 | OpenID Connect |
| Documentation | OAuth 1.0a integration and OpenID 2.0 integration | OAuth 2.0 integration and OpenID Connect integration |

Here is a side-by-side comparison of how your application dashboards on the developer portal should look:

  • If you have been using OAuth 1.0, you will see an OAuth 1.0 Keys tab and an OAuth 2.0 Keys tab.
  • If you have already been using OAuth 2.0, you might see only one Keys tab along with a message that says “This app integrates with OAuth 2.0 and OpenID Connect.”