Intuit
The Intuit enables tools and to call the Intuit QuickBooks Online API on behalf of a , using OAuth 2.0.
What’s documented here
This page describes how to use and configure Intuit (QuickBooks) auth with Arcade.
This is used by:
- Your app code that needs to call Intuit/QuickBooks APIs
- Or, your custom tools that need to call Intuit/QuickBooks APIs
Arcade offers a default Intuit for getting started quickly. In production you will most likely want to use your own Intuit app credentials, so your see your application’s name on the consent screen.
Scopes
Intuit splits its scopes into the QuickBooks API scopes and the OpenID Connect scopes. Request only the scopes your need.
| Scope | Description |
|---|---|
com.intuit.quickbooks.accounting | Read and write QuickBooks Online accounting data (customers, invoices, accounts, etc.) |
com.intuit.quickbooks.payment | Process payments via the QuickBooks Payments API |
openid | Authenticate the user and return an ID token |
profile | The user’s given and family name |
email | The user’s email address |
phone | The user’s phone number |
address | The user’s physical address |
Configuring Intuit auth
When using your own app credentials, make sure you configure your to use a custom user verifier. Without this, your end-users will not be able to use your app or in production.
Before configuring your Intuit credentials in Arcade, create an app on the Intuit Developer portal.
Create an Intuit app
Create the app
- Sign in to the Intuit Developer portal and open My Hub > App dashboard (or developer.intuit.com/app/developer/dashboard ).
- Open (or create) a workspace, then select the + tile to create a new app.
- Select QuickBooks Online and Payments, give the app a name (letters, numbers, and spaces only), choose the scopes your integration needs, and create the app.
Add the redirect URI
- Open your app’s Keys & OAuth (a.k.a. Keys & credentials) page.
- Under Redirect URIs, click Add URI and paste the redirect URL generated by Arcade (see below), then Save.
- Intuit allows
http://localhostredirect URIs for development; production redirect URIs must be HTTPS.
Copy the credentials
- On the Keys & OAuth page, toggle Show credentials to reveal the Client ID and Client Secret for the environment you are using (Development/sandbox or Production).
Intuit issues Development (sandbox) keys immediately. Production keys require completing Intuit’s production app assessment and accepting Intuit’s production terms before the production Client ID/Secret are issued.
Configuring your own Intuit Auth Provider in Arcade
Dashboard GUI
Configure Intuit Auth Using the Arcade Dashboard GUI
Access the Arcade Dashboard
To access the Arcade Cloud dashboard, go to api.arcade.dev/dashboard . If you are self-hosting, by default the dashboard will be available at http://localhost:9099/dashboard . Adjust the host and port number to match your environment.
Navigate to the OAuth Providers page
- Under the Connections section of the Arcade Dashboard left-side menu, click Connected Apps.
- Click Add OAuth Provider in the top right corner.
- Select the Included Providers tab at the top.
- In the Provider dropdown, select Intuit.
Enter the provider details
- Choose a unique ID for your provider (e.g. “my-intuit-provider”).
- Optionally enter a Description.
- Enter the Client ID and Client Secret from your Intuit app.
- Note the Redirect URL generated by Arcade. This must be added to your Intuit app’s Redirect URIs.
Create the provider
Hit the Create button and the provider will be ready to be used.
When you use tools that require Intuit auth using your Arcade credentials, Arcade will automatically use this Intuit OAuth provider. If you have multiple Intuit providers, see using multiple auth providers of the same type for more information.
Using Intuit auth in app code
Use the Intuit in your own and AI apps to get a token for the Intuit/QuickBooks API. See authorizing agents with Arcade to understand how this works.
Use client.auth.start() to get a token for the Intuit API:
Python
from arcadepy import Arcade
client = Arcade() # Automatically finds the `ARCADE_API_KEY` env variable
user_id = "{arcade_user_id}"
# Start the authorization process
auth_response = client.auth.start(
user_id=user_id,
provider="intuit",
scopes=["com.intuit.quickbooks.accounting", "openid", "profile", "email"],
)
if auth_response.status != "completed":
print("Please complete the authorization challenge in your browser:")
print(auth_response.url)
# Wait for the authorization to complete
auth_response = client.auth.wait_for_completion(auth_response)
token = auth_response.context.token
# Do something interesting with the token...Using Intuit auth in custom tools
You can author your own custom tools that interact with the Intuit/QuickBooks API.
Use the Intuit() auth class to specify that a requires authorization with Intuit. The context.authorization.token field will be automatically populated with the user’s Intuit token. The user’s QuickBooks company (realm) id is returned on the authorization and is required for most accounting API calls:
from typing import Annotated
import httpx
from arcade_tdk import ToolContext, tool
from arcade_tdk.auth import Intuit
@tool(
requires_auth=Intuit(
scopes=["com.intuit.quickbooks.accounting"],
)
)
async def get_company_info(
context: ToolContext,
realm_id: Annotated[str, "The QuickBooks company (realm) id to query."],
) -> Annotated[dict, "The QuickBooks CompanyInfo resource"]:
"""Get the authenticated user's QuickBooks company information."""
url = f"https://quickbooks.api.intuit.com/v3/company/{realm_id}/companyinfo/{realm_id}"
headers = {
"Authorization": f"Bearer {context.authorization.token}",
"Accept": "application/json",
}
async with httpx.AsyncClient() as client:
response = await client.get(url, headers=headers)
response.raise_for_status()
return response.json()Development (sandbox) keys call the sandbox base URL
https://sandbox-quickbooks.api.intuit.com; production keys call
https://quickbooks.api.intuit.com.