Authentication and authorization

The QuickBooks Online API uses OpenID Connect for user authentication and the OAuth 2.0 protocol for authorization.  

How do you want to publish your app?

Your app's authentication and authorization requirements depend on how you plan to publish it. Use this flowchart to determine how you want to publish your app and understand what you will need to implement. 

List yesList noSSO yesSSO noImplemetSSOPublishWithSSOOAuthPublishWithOutSSOOAuthOptionalOpenIDPubPrivately

Apps published on the app store

Listed on app store with Intuit single sign-on enabled: users sign up using the app store Get App Now button.

  1. Implement Intuit single sign-on from app store workflow, which includes both Intuit single sign-on with OpenID Connect and authorization with OAuth 2.0.
  2. Learn how to publish your app with Intuit single sign-on enabled.
  3. Meet all technical, security, and marketing requirements. 

Listed on app store without Intuit single sign-on enabled: users are redirected to your app's landing page via app store Learn More button.

  1. OAuth 2.0 integration: required. Intuit single sign-on integration: not available.
  2. Learn how to pubish your app with Intuit single sign-on disabled.
  3. Meet all technical, security, and marketing requirements.

Self-published apps

Not listed on app store: developer controls availability and distribution of the app.

  1. OAuth 2.0 integration: required.
  2. Intuit single sign-on integration: optional.
  3. Learn how to self-publish.
  4. Subject to security requirements if number of connections exceeds 500.
Note

As of July 17, 2017, new or existing developers with no previous apps must implement OAuth 2.0. Click here for OAuth 1.0a documentation, available as a reference for existing applications. 

 Got Questions? Get Answers in our developer forums.