Calling APIs in the right way is beneficial to both app developers and service providers in the long run. Here are some time-tested best practices for QuickBooks APIs. Consider incorporating them in your app if you haven’t already.
Change Data Capture (CDC): Instead of your app polling for updates for different entities in QuickBooks, use CDC API which returns a list of changed entities since the specified datetime. More API details here.
Webhooks: Webhooks are notification based events that Intuit servers send to app servers to notify of changes in subscribed entities. Once webhook is received, the app should subsequently make an API call for the entity and the specified ID from the webhook body. For more details refer here.
Minorversion: QBO APIs are versioned and have a monthly release where new features and bug fixes are made available in the form of minorversion. Minorversion are used in API request as URL query parameter and this value should be updated after each release. If you’re not using this API feature, you’re missing out on all the latest deeds. For example, Inventory Management is available only for minorversion 4 and greater.
Request-ID: Using unique request-id used as URL query parameter gives idempotency for QuickBooks API requests. It helps avoid duplicate transactions and gives playback feature in case of outages. The API determines if the request with the same request-id was sent before, if yes, then it returns the response from original API request; if not, it will create a new transaction. If no request-id is specified, a duplicate transaction with a new ID is created. Read more about it here.
Error Message Handling: Our API teams are working hard to improve API error messages to make them more descriptive so developers can take actions. In the meantime, here are some common error messages and how to handle them.
Troubleshooting: In case of error messages that you don’t know how to resolve, you can search forums and ultimately support with intuit_tid (unique to each API call QBO side) and timestamp from API response headers for faster resolution.
Throttling: Knowing the throttling limits and adhering to these limits will save your app from getting unnecessary 429s. Recommended API requests limit for production is as follows
- 10 concurrent requests per second per realmId
- 400 requests per min per realmId
- 40 batch requests/min per realmId, 10 payloads per batch request
SDKs: Consider using SDKs and libraries to make app development faster and easier. Not only do the official SDKs (for PHP, .Net and Java) handle OAuth, they are also updated monthly to handle new minorversions and enhancements. More about SDKs can be found here.