Training Day
Oauth

Understanding OAuth Apps

Learn what OAuth Apps are and their crucial role in the authorization process

What is an OAuth App?

An OAuth App serves as the bridge between your application (in this case, FileMaker) and a third-party service (QuickBooks Online). It establishes your application's identity in the OAuth ecosystem and defines:

  • What your application is allowed to access
  • How users grant permission to your application
  • How your application receives and manages access credentials

Key Components of Your QuickBooks OAuth App

When you created your QuickBooks Developer account and App, you established these essential elements:

  1. App Identity

    • Client ID (also called Consumer Key): The public identifier for your application
    • Client Secret: The private key known only to your application and the authorization server

  2. Permission Scopes

    • The specific permissions your app will request (e.g., reading customer info, creating invoices)
    • These determine what your application can and cannot do with the user's data

  3. Redirect URIs

    • Where QuickBooks should send users after they authorize your application
    • This is where your application will receive the authorization code
    • We'll configure this in detail later in the workshop

Where OAuth Apps Fit in the Process

Your OAuth App is not just a registration—it's the formal agreement between your application and QuickBooks about how authorization will work.

Why We Need OAuth Apps

OAuth Apps provide several benefits:

  1. Security: Credentials are never directly shared between services
  2. Limited Access: Users can grant only the permissions your app needs
  3. Revocable: Users can revoke access without changing their password
  4. Transparent: Users can see exactly what they're granting access to

In This Workshop

You've already created a QuickBooks Developer account and App. In the following sections, we'll:

  1. Walk through the Authentication Flow to obtain authorization
  2. Handle redirect callbacks from QuickBooks
  3. Configure your App's redirect URI to work with FileMaker
  4. Use tokens to access QuickBooks data from your FileMaker solution

Understanding your OAuth App's role will help clarify why each step in the process is necessary.

OAuth

On our way to out QuickBooks integration lets dive into the Oauth Flow

Authentication Flow

This is the first part of the Oauth Flow. It is the process where your application redirects users to the authorization server, users authenticate and grant permissions, and your application receives an authorization code.

On this page