OAuth 2.0 playground

The OAuth 2.0 playground allows you to walk through each step in both the OAuth 2.0 and OpenID Connect workflows in order to understand how these protocols work.

Prerequisites

Get the access token

Invoke the OAuth 2.0 playground directly, or from the menu at the top right. Select Apps & Resources and then click OAuth2 Playground under Tools. Authorize the connection between your app and the QuickBooks company. The playground uses its own OAuth redirect URI to field the authorization request;

  1. Select App and scopes. On the OAuth 2.0 Playground dialog click the Select app drop-down list and choose the desired app. The Client ID and Client Secret would be pre-populated based on this selection. In the animation below, the OAuth scope, Accounting, is selected. To know more about other scopes refer below :
  2. Get the authorization code. In the Step 1 Click the Get Authorization Code button and then the Authorize button on the connection dialog to initiate the company authorization workflow. The next playground section, Get OAuth 2.0 token from auth code, is populated with the authorization code and company ID.
  3. Exchange code for access token. In the Step 2, click Get Tokens button to finish the authorization process. The response payload contains the access token for use in subsequent API calls and the refresh token to use when refreshing the access token. Click here for information about this response payload.

From here, use the playground to make API calls or refresh the access token.

qbo/docs/develop/authentication-and-authorization/OAuth2Playground-new.gif

Make API calls ( optional )

The Make API Calls panel is populated with the realm Id (labeled Company ID) and the current access token, ready for you to test out some API calls. The Call API dropdown list contains the three available API calls you can make from the playground. Availability of each is based on the scopes you choose when getting your access token.

API call Required scope Description
Get Company Info com.intuit.QuickBooks.accounting Calls the QuickBooks Online API CompanyInfo resource to get information about the company corresponding to the realm Id.
Submit Charge com.intuit.QuickBooks.payments Calls the QuickBooks Payments API Charges resource to create a charge to the test Visa card account.
Get User Info OpenID and at least one of Profile, Email, Phone, Address. Calls the userinfo resource to ge addittional information about the logged in user. The information retured is based on OpenID scopes chosen during authorization.

Refresh the access token ( optional )

The Refresh Access Token panel is populated with the current access and refresh tokens. Click Refresh Access Token to refresh the token. As a general rule, access tokens need to be refreshed every 60 minutes. Click here for further information about refreshing access tokens.