OAuth 2.0 playground

The OAuth 2.0 playground is a tool used to experiment with the OAuth 2.0 protocol and QuickBooks Online APIs. It is pre-configured to use with Intuit's OAuth 2.0 endpoints so you can quickly get started. The playground allows you to walk through each step in both the OAuth 2.0 and OpenID Connect workflows in order to understand how these protocols work. At each step the playground displays the full HTTP request and response. 

Looking for the OAuth 1 playground? Click here


  • Experience with the following:
    • JSON request and response payloads.
    • The general steps involved in OAuth 2.0 authorization and OpenID Connect authentication.
  • Intuit Developer account and app
  • Data
    • Sandbox or a production QuickBooks Online company populated with a chart of accounts, customers, and items. The examples in this tutorial use the sandbox company.
    • Development or production app keys.
Learn more

Invoke the playground

Invoke the OAuth 2.0 playground for your app.

  1. Sign in to developer.intuit.com and click My Apps.
  2. Find and open the app you want to use or create an app.
  3. Click the Dashboard tab and click the Test connect to app (OAuth).


The OAuth 2.0 Playground appears pre-populated with your app's development Client ID and Client Secret. If you want to use production keys instead, select the production app from the drop-down list.

Get the access token

Now, authorize the connection between your app and the QuickBooks company. The playground uses its own OAuth redirect URI to field the authorization request;  

  1. Select scopes. On the OAuth 2.0 Playground dialog click the Select Scopes drop-down list and choose desired scopes. In the animation below, the OAuth scope, Accounting, is selected. Click here for details about OpenID Connect scopes and here for OAuth scopes. 
  2. Get the authorization code. Click the Get Authorization Code button and then the Authorize button on the connection dialog to initiate the company authorization workflow.  The next playgrond section, Get Tokens from Authorization Code, is populated with the authorization code and company ID.
  3. Exchange code for access token. In the Get Tokens from Authorization Code section, click the Get Tokens button to finish the authorization process. The response payload contains the access token for use in subsequent API calls and the refresh token to use when refreshing the access token. Click here for information about this response payload.

From here, use the playground to make API calls or refresh the access token.


Make API calls

The Make API Calls panel is populated with the realm Id (labeled Company ID) and the current access token, ready for you to test out some API calls. The Call API dropdown list contains the three available API calls you can make from the playground. Availability of each is based on the scopes you choose when getting your access token.

API callRequired scopeDescription
Get Company Infocom.intuit.quickbooks.accountingCalls the QuickBooks Online API CompanyInfo resource to get information about the company corresponding to the realm Id.
Submit Chargecom.intuit.quickbooks.paymentsCalls the QuickBooks Payments API Charges resource to create a charge to the test Visa card account.
Get User InfoOpenID and at least one of Profile, Email, Phone, Address.Calls the userinfo resource to get additional information about the logged in user. The information retured is based on OpenID scopes chosen during authorization.

Refresh the access token

The Refresh Access Token panel is populated with the current access and refresh tokens. Click Refresh Access Token to refresh the token. As a general rule, access tokens need to be refreshed every 60 minutes.  Click here for further information about refreshing access tokens.

 Got Questions? Get Answers in our developer forums.