SDK Banner


Gem Version

Intuit OAuth Ruby Client

This tutorial describes how to use Intuit Ruby OAuth Client Library to generate access tokens for your QuickBooks Online Companies data. The Ruby OAuth Client Library provides a set of methods that make it easier to work with Intuit’s OAuth and OpenID protocol:

  • Generating Authorization URL
  • Getting OAuth2 Bearer Token
  • Getting User Info
  • Validating OpenID token
  • Refreshing OAuth2 Token
  • Revoking OAuth2 Token
  • Migrating tokens from OAuth1.0 to OAuth2

If you are not familiar with Intuit OAuth protocol, please refer to Authentication and authorization page for general information on OAuth.

The Ruby OAuth client would require Ruby version >= 1.9.0, and RubyGem version >= 1.3.5


The Ruby OAuth library use gem for installation. To install the library, run:

$ gem install 'intuit-oauth'

You can also download the source code and run:

$ gem build intuit-oauth.gemspec

to build your own gem if you want to modify a certain functions in the library

Create client instance

In order to start using the library, the first step is to create a client object. Instantiate the IntuitOAuth object with app’s ClientID, ClientSecret, Redirect URL and the right environment. Valid values for environment include sandbox and production. redirect_uri should be set in your Intuit Developer app’s Keys tab under the right environment.

  require 'intuit-oauth'

  oauth_client ='client_id', 'client_secret', 'redirectUrl', 'environment')

General Authorization Code URL

After the client is created, use the client object to generate authorization URL by specifying scopes. It is shown below in code:

  scopes = [

  authorizationCodeUrl = oauth_client.code.get_auth_uri(scopes)
  # =>   client_id=clientId&redirect_uri=redirectUrl&response_type=code&

Redirect your users to the authorizationCodeUrl, and an authorization code will be sent to the Redirect URL defined. The authorization code will be used to exchange for an oAuth 2.0 access token later.

Exchange Authorization Code for OAuth 2.0 Token

Once the user has authorized your app, an authorization code will be sent to your RedirectURL defined in your client. Exchange the authorization code for an OAuth 2.0 token object.

result = oauth_client.token.get_bearer_token('The_authorization_code')

Refresh Token

Your app must keep track of when a stored access token can be used and when the token must be refreshed. Use the refresh method to refresh the token when the token expired. ALWAYS STORE THE LATEST REFRESH TOKEN RETURNED. Below is an exanmple how to use the refresh method to refresh token:

newToken = oauth_client.token.refresh_tokens('Your_refresh_token')

Revoke Token

If your app is disconnected by the user, you would need to revoke the token. Use revoke_tokens method to revoke the token:

trueOrFalse = oauth_client.token.revoke_tokens('the_token_you_want_to_revoke')

Get User Info

If OpenID scope is set when you generate the authorization URL, you can use get_user_info to get the user information:


Call migration method

If you have migrated your OAuth 1.0 app to OAuth 2.0 app, and want to exchange your OAuth 1.0 token to OAuth 2.0 token, use migrate_tokens method

result=oauth_client.migration.migrate_tokens(consumer_key, consumer_secret, access_token, access_secret, scopes)

A Complete Usage Example for Creating OAuth 2.0 token

The below example tells how to construct the IntuitOAuth Client and use it to generate an OAuth 2 token.

require 'intuit-oauth'

oauth_client ='client_id', 'client_secret', 'redirectUrl', 'environment')
scopes = [

authorizationCodeUrl = oauth_client.code.get_auth_uri(scopes)
# =>

oauth2Token = oauth_client.token.get_bearer_token('the authorization code returned from authorizationCodeUrl')
# => #<IntuitOAuth::ClientResponse:0x00007f9152b5c418 @access_token="the access token", @expires_in=3600, @refresh_token="the refresh token", @x_refresh_token_expires_in=8726400>

Issues and Contributions

Please open an issue on GitHub if you have a problem, suggestion, or other comment.

Pull requests are welcome and encouraged! Any contributions should include new or updated unit tests as necessary to maintain thorough test coverage.


Intuit-oauth Ruby gem is provided under Apache 2.0 License