Scopes limit what data your app can read and update. Instead of getting broad permissions for everything, set granular permissions so your app only focuses on what’s necessary. Here are the scopes for the QuickBooks Payroll API:
| Scope | Description | Sensitive Data? |
|---|---|---|
company.read |
Grants access to company information | |
company.taxidentifier.read |
Grants access to the tax identifier (EIN, CBN) for the company | Yes |
employee.read |
Grants access to employee information | |
employee.taxidentifier.read |
Grants access to the tax identifier (SSN, SIN) for the employee | Yes |
employee.birthdate.read |
Grants access to employee birth date | |
payroll.compensation.read |
Grants access to payroll compensation | |
payroll.benefits |
Grants access to payroll benefits |
Note
Note: Sensitive data requires additional legal agreement and manual onboarding with our support team.
Endpoints are the locations on our server where apps send requests to call APIs.
Since the QuickBooks Payroll API is based on GraphQL, there’s only one endpoint. No matter which entities or fields you include in your queries, requests all go to the same endpoint.
For production apps: https://qb.api.intuit.com/graphql