Configuring Authentication

To protect data from unauthorized access, QuickBooks data stores require connections to be authenticated through the OAuth 2.0 protocol. You can configure the Simba QuickBooks ODBC Driver to authenticate connections by specifying an access token, or by providing your QuickBooks credentials so that the connector retrieves and uses the corresponding access token.

For detailed instructions, see the following:

Configuring Authentication With an Access Token

If you already have a valid access token, specify it in your DSN so that the connector can use it to authenticate the connection.

Access tokens are valid for a limited amount of time only. If you provide a refresh token in addition to the access token, the connector can refresh the access token when it expires.

To configure authentication with an access token:

  1. To access authentication options, open the ODBC Data Source Administrator where you created the DSN, select the DSN, and then click Configure.
  2. In the Auth_Realm field, type the company ID associated with your QuickBooks account.
  3. In the Access Token field, type or paste your access token.
  4. Optionally, in the Refresh Token field, type or paste your refresh token.
  5. To save your settings and close the DSN Setup dialog box, click OK.

Configuring Authentication With Your QuickBooks Credentials

You can configure the connector to retrieve and use an access token based on your QuickBooks credentials.

For this authentication method, in addition to providing your QuickBooks credentials, you must also configure your QuickBooks application and the connector to use one of the supported redirect URLs. If you are using a production account, then you must also update the hosts file on your Windows machine.

For detailed instructions, see the following:

Specifying the Redirect URL in Your Application

If you are using the connector to retrieve an access token, you must configure your QuickBooks application to use one of the supported redirect URLs.

To specify the redirect URL in your appilcation:

  1. In a web browser, navigate to the the Intuit Developer Portal.
  2. Sign in to your account, and access your application settings.
  3. Set the redirect URL of the application to one of the following values:
    • http://localhost:6367
    • https://localhost:6367
    • https://www.localhost.com:6367
    4. Important:

    If you are using a production account to connect to QuickBooks, then you must set the redirect URL to https://www.localhost.com:6367.

  4. Save your changes, and sign out from your account.

The connector must be configured to use the same redirect URL as your application. You can specify the redirect URL in the connector while specifying your QuickBooks credentials for retrieving the access token, which is one of the last steps in this configuration process. For more information, see Retrieving the Access Token.

If you set the redirect URL to one of the HTTPS values, then you must also provide an SSL certificate and a private key for proving the identity of the client (that is, the connector) to the QuickBooks server. You can also provide these files while specifying your QuickBooks credentials for retrieving the access token. For more information, see Retrieving the Access Token.

Updating the hosts File

Note:

If you are not using https://www.localhost.com:6367 as the redirect URL, then you do not need to update the hosts file. Skip this procedure and continue with Retrieving the Access Token.

If you are using https://www.localhost.com:6367 as the redirect URL, then you must also update the host name mappings in the hosts file on your Windows machine. Otherwise, you do not need to make any changes to the hosts file.

To update the hosts file:

  1. In a text editor, open the C:\Windows\System32\drivers\etc\hosts file for editing.
  2. On a new line, type the following:

    3. 127.0.0.1 www.localhost.com

  3. Save your changes, and close the file.

Retrieving the Access Token

After completing the configurations described above as needed, you can configure the connector to retrieve and use the access token to authenticate your connection.

Important:

Make sure that the default web browser on your machine is not set to Internet Explorer. The OAuth 2.0 authentication flow that the connector goes through to retrieve access tokens is not supported on Internet Explorer.

To retrieve the access token:

  1. To access authentication options, open the ODBC Data Source Administrator where you created the DSN, select the DSN, and then click Configure.
  2. In the Client ID field, type the client ID associated with the QuickBooks application.
  3. In the Client Secret field, type the client secret.
  4. In the Scope field, type a space-separated list of OAuth scopes for the access token.

    5. For example:

    com.intuit.quickbooks.accounting com.intuit.quickbooks.payment com.intuit.quickbooks.profile

    For a list of the scopes that the connector supports, see Scope.

  5. In the Redirect URI field, type the redirect URL associated with your QuickBooks application. For more information, see Specifying the Redirect URL in Your Application.
  6. In the Auth_Realm field, type the company ID associated with your QuickBooks account.
  7. If you are using an HTTPS redirect URL, provide the required SSL files by doing the following:
    1. In the Local Server Certificate field, type the full path and name of a .pem file containing the SSL certificate used to prove the identity of the client (in this case, the connector) to the QuickBooks server.
    2. In the Local Server Key field, type the full path and name of a .pem file containing the private key used to encrypt the SSL certificate.
  8. Click Get Access Token.
  9. In the web browser that opens, in the displayed fields, type your QuickBooks account user name and password. Then, click Sign In to allow the connector to access your QuickBooks data store.
  10. Select the application you want to sign in to, and then click Connect.

    11. Note:

    If you specified a self-signed certificate during step 7, your browser displays a security warning after you click Connect. To complete the authentication process, you must add a security exception for the certificate to your browser. For detailed instructions, refer to the product documentation for your browser.

  11. In the DSN setup dialog box, confirm that the Access Token and Refresh Token fields are populated. Then, close the browser window.
  12. To save your settings and close the DSN Setup dialog box, click OK.

Related topics