Programmatically get authorization code

[mNemlaghi]

Hi,

As mentioned here, it seems not possible to automate the way we can get authorization code, before getting access token and refresh token (which is taken into account thanks to get_bearer_token method). This is an issue for browserless, server side solutions interacting with intuit quickbooks API.

Since the refresh token doesn't last more than 1 day (the 100 days was never guaranteed), is there a planned solution for this ? Thanks a lot !

[dantebarba]

@mNemlaghi did you find a solution to this?

[daccorti]

@mNemlaghi Also interested if you solved this issue.

@IntuitDeveloperRelations - Do you have any recommendations for this?

[bdsoha]

@mNemlaghi Any updates? This would be a great feature for server-side applications and lambda-functions.

[An4ik]

We've faced the same issue but did some tricks to solve it:

1. Using OAuth2 fetch the token manually
2. Store refresh token in environment
3. Use that refresh_token and refresh it for every request to QuickBooks API.

So based on documentation documentaion hope this will work

Refresh tokens
Refresh tokens are valid for 100 days. This expiry date is rolling and gets extended each time it’s used to refresh an access token.

[Donny-GUI]

i ended up just using selenium headless

[aaldaghar]

Is there no plan to fix the authorization code issue?

[dantebarba]

We've been using the refresh token with no issues but we only have one instance. If you scale to multiple instances or you use lambda functions unfortunately the only way to handle this without requiring scraping the QB webapp is to have a distributed database with the valid refresh token and an atomic control on the token access and renewal.

[bdsoha]

i ended up just using selenium headless

Do you mind sharing the code you used?

[robert-mings]

Hi @mNemlaghi,

Thanks for the suggestion! Today we do require an admin user to explicitly consent, through the Intuit authorization page, before an application is able to access data.

Refresh tokens last for 100 days and are on a rolling expiry. As long as you refresh the token at least once every 100 days, you can utilize these till their maximum lifetime for gaining new bearer (access) tokens.

cc: @dantebarba, @daccorti, @bdsoha, @An4ik, @Donny-GUI, @aaldaghar.