QuickBooks Online API requests need OAuth 2.0 protocol for authentication and authorization purposes. These access tokens are valid for 60 minutes or one hour. You will have to renew the access token after one hour which is generally returned to you from your previous request.
The refresh access token can last up to 100 days before its expiration, so the user will not have to sign in again and grant consent again during this period. But the token can change a day later or at the time you apply for renewing token call, whichever action is later of the both.
How to generate the access token in QuickBooks?
For generating or renewing an access token, you need to follow the below steps:
- You will have to first register the app in QuickBooks.
- Then in the next step, you need to use to OAuth 2.0 playground for generating and renewing the access tokens in QuickBooks.
What to do when your access token stop working or fails?
You may come across situations where your access token in QuickBooks will stop working. There may be below reasons behind this situation.
- The user revoked your application access, in this case, you will have to ask the user to reauthorize the connection.
- Your access token got expired, in this case, you will come across a 401 error while making an online API call. You will have to request for a new token by using the last received refresh token.
- If the token is not used for more than 100 days, then you will have to ask the user to reauthorize the connection.
Workflow for renewing the access token by using the last refresh token in QuickBooks
You need to follow the below steps to renew the access token by using the last returned token:
- First of all, you should use the current returned refresh token to renew the access and refresh token.
- You need to store both the returned access and refresh token and use the new access token for making QuickBooks API calls.
- If the Access token or refresh token fails or stops working, you need to start from Step one again.
Steps for obtaining the access token initially,
For preparing your application to access data using QuickBooks online API, you need to follow the below process steps:
- First of all, you need to prepare the authorization request with the help of parameters that identify your application.
- After that, you will have to redirect your request to the OAuth 2.0 server.
- Now it will prompt the user with a consent window with details of your application, user will grant authorization in this step.
- Now once the user authorizes your application, you will receive the authorization code.
- Now once the authorization code is entered in the application it will be able to exchange the authorization code for an access token as well as a refresh token.