Training Day

OAuth

On our way to our QuickBooks integration, let's dive into the OAuth flow.

Understanding OAuth: The Two Essential Parts

OAuth 2.0 is the industry-standard protocol for authorization. When implementing OAuth in your application, it's helpful to think of it as two distinct processes:

1. Authentication Flow (Getting the Tokens)

This is the process in which:

  • Your application redirects users to the authorization server
  • Users authenticate and grant permissions
  • Your application receives an authorization code
  • Your application exchanges this code for access and refresh tokens

During this phase, the focus is on securely obtaining credentials that prove the user has granted your application permission to act on their behalf.
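The four steps above, sketched as an added example (not code from this training or from QuickBooks). The endpoint URLs, client values, and function names are placeholders assumed for illustration, and HTTP Basic client authentication is assumed for the token exchange. It goes slightly beyond the list by adding the `state` check that ties the callback to the session that started the flow.

```python
import base64
import secrets
import hmac
from urllib.parse import urlencode, urlparse, parse_qs

# Placeholder endpoints and redirect URI (assumptions, not from the page).
AUTHORIZE_URL = "https://auth.example.com/oauth2/authorize"
TOKEN_URL = "https://auth.example.com/oauth2/token"
REDIRECT_URI = "https://app.example.com/callback"


def build_authorization_url(client_id, scope):
    """Step 1: URL the user is redirected to, plus the state to store in their session."""
    state = secrets.token_urlsafe(32)  # unguessable value bound to this login attempt
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def extract_code(callback_url, expected_state):
    """Step 3: accept the authorization code only if state matches the session value."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:  # user denied consent or the server rejected the request
        raise ValueError(f"authorization failed: {params['error'][0]}")
    returned_state = params.get("state", [""])[0]
    if not hmac.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def build_token_request(code, client_id, client_secret):
    """Step 4: the server-side POST that exchanges the code for tokens (built, not sent)."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,  # must match the value sent in step 1
    })
    return TOKEN_URL, headers, body
```

The token request is built on the server so the client secret never reaches the browser; the response to it carries the access and refresh tokens.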

2. Resource Access (Using the Tokens)

Once you have the tokens, this phase involves:

  • Including the access token in API requests to protected resources
  • Handling token expiration
  • Using refresh tokens to obtain new access tokens when needed
  • Managing token storage and security

Note: We will cover Resource Access in the next hands-on exercise.
