英文:
How can i authenticate my Quickbook Intuit api access without user interection and just by client id and secret?
问题
我正在进行一个项目,其中后台定时任务创建发票,我希望在后端创建时将它们添加到我的QuickBooks帐户中,所以问题是我只想使用客户端ID和秘密来调用API。
英文:
I am working on a project where backgroung crons create invoices and i want to add them on my quickbook account on create on backend, so problem is i want to hit api with just client id and secret involvement.
答案1
得分: 5
你无法进行无用户交互的Quickbook Intuit API访问身份验证,只使用客户端ID和密钥是不可能的。但实际上你也不需要这样做。你误解了OAuth v2在使用refresh token授权类型时的工作原理。
OAuth v2与refresh token授权类型的工作方式如下:
- 开发者经过一次性的UI过程来获取
client ID和client secret,并定义回调URL - https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#download-the-oauth-library - 拥有
QuickBooks Online帐户的人只需进行一次且仅一次的基于UI的连接过程,以交换client ID和client secret以获取授权码,然后再获取访问令牌和刷新令牌 - https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#step-1-prepare-authorization-request - 你的代码会将OAuth的
访问令牌和刷新令牌存储起来。
现在,你可以在需要时使用存储的访问令牌和刷新令牌运行你的cron作业。
在某个时刻,你会从Intuit那里收到401响应,这意味着你的访问令牌已过期(只在1小时内有效)。当发生这种情况时:
- 进行API调用以刷新
访问令牌- https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#refresh-the-token - 存储新的
访问令牌和新的刷新令牌(你可能每次都会得到新的刷新令牌,也可能不会,所以不管怎样都应该存储返回的令牌) - 再次进行API调用,它将成功
按需在你的cron进程中重复此操作。需要再次强调的是 - 基于UI的身份验证过程是一次性的,仅一次性的。之后,你将存储令牌,并可以根据需要从后台/cron进程中进行调用。
英文:
> How can i authenticate my Quickbook Intuit api access without user interection and just by client id and secret?
You can't. But you don't need to either. You misunderstand how OAuth v2 works when using refresh token type grants.
The way OAuth v2 with refresh token grants works is like this --
- The developer goes through a one-time UI process to get the
client IDandclient secret, and define callback URLs - https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#download-the-oauth-library - The person who owns the
QuickBooks Onlineaccount goes through a one-time and only one-time UI-based connection process which exchanges theclient IDandclient secretfor anauthorization code, and then that for anaccess tokenandrefresh token- https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#step-1-prepare-authorization-request - Your code stores the OAuth
accessandrefresh tokens.
Now, you can run your cron job whenever you want, using the stored access and refresh tokens.
At some point, you will get back a 401 response from Intuit - this means your access token has expired (it is only valid for 1 hour). When this happens:
- Make an API call to refresh the
access token- https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0#refresh-the-token - Store the new
access tokenand the newrefresh token(you may or may not get back a new refresh token, so you should just store what you get back every time regardless) - Make your API call again, and it will succeed
Repeat in your cron process whenever you want, as desired.
To re-iterate - the UI-based auth process is one-time and one-time ONLY. After that one-time process you store the tokens and can make calls from your background/cron processes whenever you need to.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论