Oauth Workflow for Quickbooks App

I’ve spent the majority of the day researching Oauth, and how to connect Quickbooks with my app. This is an internal company app I want to connect with our company’s Quickbooks account in order to automate much of our accounting workflow.

I have a pretty good idea of what I need to do, but I’m not really sure what APIs I need in order to do it. My guess is they are part of the core… @sashko, it looks like you have worked on quite a few of the Oauth packages, so if you could point me in the right direction, that would be a huge help. I am guessing I need to add Oauth to my project, but I’m not sure about any others.

Quickbooks uses Oauth 1.0, and I plan/am hoping to use the node-quickbooks npm package to access the API. However, I’m not really having any luck translating the node-quickbooks authentication example to Meteor. There is a Quickbooks atmosphere package, but little documentation around it and it appears to no longer be maintained.

From what I gathered today, I need to implement a multi-step request/response workflow with several Quickbooks URLS to:

  1. Generate a request token when the user clicks a ‘connect to quickbooks’ button
  2. Process request token on my server, and redirect user to a Quickbooks app authorization page
  3. When user authorizes app, save an oauth_token, oauth_token_secret, and realmid on my server (preferably encrypted?).
  4. Create a new Quickbooks object using all of Oauth’s keys provided to me.

Any resources that can help in learning more about how Meteor handles Oauth would be a great help. Thank you!

1 Like

In the current version 1.2 of Meteor you have to wrap the NPM package if you want to use that which seems to make sense in this case. If you Google on that you will find some more info on how to do that. https://www.discovermeteor.com/blog/wrapping-npm-packages/

In 1.3 it seems NPM packages can be used native which makes things much easier. So it might be interesting to research that a bit more before investing too much time in wrapping.

Interesting examples of oauth can be found in the core packages: https://github.com/meteor/meteor/tree/devel/packages/twitter
Be aware that there are 2 packages: twitter and accounts-twitter. Same as with google etcetera. But first I would focus on that NPM package since that one seems to be very well maintained and might save you lots of time.

This is hilarious - I was literally just working on the accounts guide article today. Unfortunately I don’t know as much about implementing a custom login service on top of the oauth packages as it may seem.

@robfallows seems to have experience doing this: https://github.com/meteor/guide/issues/35#issuecomment-149536321

I really want to write a short part of the guide about how to do this, let’s see if we can work it out together.

I’d guess that the oauth1 package would be a good starting point, but it’s not really documented at all: https://github.com/meteor/meteor/tree/devel/packages/oauth1

yup that documentation :smile: still it’s doable to use them. It’s oAuth which is always way too complex.


This example seems to indicate you need to implement a few routes with some calls to get a token you can use for the requests.


Before spending time on this stuff: You need to understand the direction. If I read your businesscase you might want to do just server - server communications. In that case you need to work on behalf of the user.

The Meteor accounts packages are more for single sign on like here:

So I used meteorhacks:npm to include the node-quickbooks package, so when 1.3 comes out, it should be pretty easy to change that. As far as the Oauth goes though, I just want to connect to Quickbooks, so no Quickbooks accounts are necessary. @lucfranken, I was looking at the Facebook package, but couldn’t make sense of it, although I saw mentioned elsewhere Twitter was simpler, so maybe it’s better to start there.

@sashko, I’d be happy to help out where I can. I think the Oauth core package sits on top of oauth1, but I could be wrong. I think I might need the service-configuration package too?

Before spending time on this stuff: You need to understand the
direction. If I read your businesscase you might want to do just server -
server communications. In that case you need to work on behalf of the

Yes :smile: We have one Quickbooks we want to connect to (our company’s), and we then want to use the API to do things such as send invoices, pay employees, etc. Here is the Quickbooks recipe I believe I want to follow: https://developer.intuit.com/docs/0150_payments/0060_authentication_and_authorization/connect_from_within_your_app I just can’t figure out how to do it in Meteor.

No idea if it’s right:

They say you have some tool where you might get an access token for 150 days. That might, if true, save you from implementing oauth. It would work if you could enter that code here:

That’s an interesting hack, though it might work (at least for development purposes). I’ll look into it a little further. Thanks!

@lucfranken, your suggestion got it working :smile: I ended up running the app.js example from the node-quickbooks package, and putting the oauth token and oauth token secret in my settings file. Then I just created a new Quickbooks object with the variables. This will at the very least help me keep moving forward on the development side of things until it’s time to ship. Once it goes into production, I’ll have to at the very least implement the renew method that Quickbooks provides to keep the token and token secret up to date. Many thanks!

1 Like

Good to hear, good luck with your project!