I’ve been playing around with the new QuickBooks Online OAuth 2.0 integration and came across an error which caused me a few hours of grief. To save you guys time I decided to write about it and show you how to avoid this minor hiccup.
The Redirect URL
Your app serves the Redirect URI to users upon authentication. What this means is, this is the URI to which your users get redirected after successfully signing in to your app. You can set this up in the Redirect URIs section of the Keys tab in your app’s dashboard from your Intuit Developer account.
For development purposes, you’ll most likely going to redirect it to your localhost as we did with Redirect URI 2 in this screenshot. By the way, we keep Redirect URI–supplied by Intuit Developer on your behalf–intact to allow the OAuth 2.0 playground to work with your credentials. This is not required but is convenient to have for testing purposes.
So what is the catch?
The tricky thing is the Redirect URIs description mentions, “All URI requests must use HTTPS.” This is true for all cases except for one, and that one is when you are testing on your localhost. In this case, using HTTPS results in the following error when you test the authentication flow.
Avoid this hiccup by simply use HTTP instead of HTTPS for your localhost redirect URI. That’s it!
Avoid this pitfall to save yourself some time and grief.
Intuit Developer Evangelist.