OAuth 2.0 Migration Beta Program Coming Soon

What’s happening?

Recently, we introduced OAuth 2.0/OpenID Connect for developers building new QuickBooks integrations. Soon, we will be ready to enable existing developers to migrate from OAuth 1.0a/OpenID 2.0 to OAuth 2.0/OpenID Connect.

With OAuth 2.0/OpenID Connect, you get

  • simplicity of integration,
  • better security for your customers, and
  • seamless connection flows.

How can I participate?

We are now recruiting developers to be among the first wave of devs to migrate their apps to OAuth 2.0. To participate, you must have already built and published a QuickBooks integration with OAuth 1.0. As an incentive for being part of this beta program, we will provide you with dedicated support during the migration phase.

To apply to participate, please complete this form
We will review all applicants and will be in touch with you.

Once the beta program is completed, we will open up migration for all existing developers.

Looking forward to migrating with you!

Vishal Aggarwal
Product Manager, Intuit Developer Experience






5 responses to “OAuth 2.0 Migration Beta Program Coming Soon”

  1. Travis Avatar

    I don’t see how you can claim “simplicity of integration” when OAuth2 tokens expire in 1 hour rather than OAuth1’s 6 months. That is a *strong* “don’t migrate” flag for me. It front-loads so much extra work on the developer. Also your NodeJS repos and blog posts are broken for OAuth2. Sub-par dev experience so far…

    1. Vishal Avatar

      Hi Travis,
      In OAuth 2.0, you receive 2 set of tokens. The “access token” is short lived and expires after an hour. The “refresh token” is long lived token and is used to get a new access token after the older one expire. The “refresh token” if not used for 100days will expire. Hope this clarifies the confusion over access tokens.
      It is unfortunate you had a bad dev experience with NodeJS repos and blog post. I will reach out to you via email, to get more information.

      Thank you,

    2. Yannick Avatar

      OAuth 2 is “easier” (for those not using oauth libraries/frameworks) to use because the API calls just use BASIC authentication, while Oauth 1 require to actually do a cryptographic signature for every call.

      That also means that oauth 2 is actually less secure than oauth 1 *sigh*

  2. QBO Avatar

    I want to create a new app using OAuth2, but every new app I create still only allows OAuth1. Also I can’t delete any apps I created by mistake. That’s crazy.

    1. John Avatar

      I’m trying to do the same thing, I’m basically about to have to rewrite ~15% of my code base to do QBO stuff one way for Client A and a different way for every other client because Client A is a legacy client. I can’t create an OAuth2 app. I wonder why Intuit has to make this so difficult.

Leave a Reply

Your email address will not be published. Required fields are marked *