This tutorial describes how to use Intuit Ruby OAuth Client Library to generate access tokens for your QuickBooks Online Companies data. The Ruby OAuth Client Library provides a set of methods that make it easier to work with Intuit’s OAuth and OpenID protocol:
If you are not familiar with Intuit OAuth protocol, please refer to Authentication and authorization page for general information on OAuth.
The Ruby OAuth client would require Ruby version >= 1.9.0, and RubyGem version >= 1.3.5
The Ruby OAuth library use gem for installation. To install the library, run:
$ gem install 'intuit-oauth'
You can also download the source code and run:
$ gem build intuit-oauth.gemspec
to build your own gem if you want to modify a certain functions in the library
In order to start using the library, the first step is to create a client object. Instantiate the IntuitOAuth object with app’s ClientID, ClientSecret, Redirect URL and the right environment. Valid values for environment include sandbox and production. redirect_uri should be set in your Intuit Developer app’s Keys tab under the right environment.
require 'intuit-oauth'
oauth_client = IntuitOAuth::Client.new('client_id', 'client_secret', 'redirectUrl', 'environment')
After the client is created, use the client object to generate authorization URL by specifying scopes. It is shown below in code:
scopes = [
IntuitOAuth::Scopes::ACCOUNTING
]
authorizationCodeUrl = oauth_client.code.get_auth_uri(scopes)
# => https://appcenter.intuit.com/connect/oauth2? client_id=clientId&redirect_uri=redirectUrl&response_type=code&scope=com.intuit.quickbooks.accounting&state=rMwcoDITc2N6FJsUGGO9
Redirect your users to the authorizationCodeUrl, and an authorization code will be sent to the Redirect URL defined. The authorization code will be used to exchange for an oAuth 2.0 access token later.
Once the user has authorized your app, an authorization code will be sent to your RedirectURL defined in your client. Exchange the authorization code for an OAuth 2.0 token object.
result = oauth_client.token.get_bearer_token('The_authorization_code')
Your app must keep track of when a stored access token can be used and when the token must be refreshed. Use the refresh method to refresh the token when the token expired. ALWAYS STORE THE LATEST REFRESH TOKEN RETURNED. Below is an exanmple how to use the refresh method to refresh token:
newToken = oauth_client.token.refresh_tokens('Your_refresh_token')
If your app is disconnected by the user, you would need to revoke the token. Use revoke_tokens method to revoke the token:
trueOrFalse = oauth_client.token.revoke_tokens('the_token_you_want_to_revoke')
If OpenID scope is set when you generate the authorization URL, you can use get_user_info to get the user information:
result=oauth_client.openid.get_user_info('accessToken')
If you have migrated your OAuth 1.0 app to OAuth 2.0 app, and want to exchange your OAuth 1.0 token to OAuth 2.0 token, use migrate_tokens method
result=oauth_client.migration.migrate_tokens(consumer_key, consumer_secret, access_token, access_secret, scopes)
The below example tells how to construct the IntuitOAuth Client and use it to generate an OAuth 2 token.
require 'intuit-oauth'
oauth_client = IntuitOAuth::Client.new('client_id', 'client_secret', 'redirectUrl', 'environment')
scopes = [
IntuitOAuth::Scopes::ACCOUNTING
]
authorizationCodeUrl = oauth_client.code.get_auth_uri(scopes)
# => https://appcenter.intuit.com/connect/oauth2?client_id=clientId&redirect_uri=redirectUrl&response_type=code&scope=com.intuit.quickbooks.accounting&state=rMwcoDITc2N6FJsUGGO9
oauth2Token = oauth_client.token.get_bearer_token('the authorization code returned from authorizationCodeUrl')
# => #<IntuitOAuth::ClientResponse:0x00007f9152b5c418 @access_token="the access token", @expires_in=3600, @refresh_token="the refresh token", @x_refresh_token_expires_in=8726400>
Please open an issue on GitHub if you have a problem, suggestion, or other comment.
Pull requests are welcome and encouraged! Any contributions should include new or updated unit tests as necessary to maintain thorough test coverage.
Intuit-oauth Ruby gem is provided under Apache 2.0 License
FAQs
Unknown package
We found that intuit-oauth demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.
Security News
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.