php oauth intuit-partner-platform

PHPSample OAuth connect QBO 401


I am trying to connect to Quickbooks online. I have tried several packages including the PHPSample, the sample code within the v3 SDK, and the java example for time accounting. I end up with a similar problem in each.

I am able to connect to Quickbooks, and retrieve the realmId, oauth token and oauth secret.

In this state, I am able to successfully disconnect.

When I subsequently connect and try to query for data (for example, all accounts) I get a 401 error.

Here is the return info (with my keys removed):

ERROR: Invalid auth/bad request (got a 401, expected HTTP/1.1 20X or a  redirect)
Response: 401 - message=ApplicationAuthenticationFailed;
               errorCode=003200;
              statusCode=401
              SignatureBaseString: POST
                                   &https%3A%2F%2Fsandbox-quickbooks.api.intuit.com%2Fv3%2Fcompany%2F<REALM_ID>%2Fquery&minorversion%3D3%26oauth_consumer_key%3D<CONSUMER_KEY>%26oauth_nonce%3D2172856b0bd6c51a491.36540409%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1454423404%26oauth_token%3D<OAUTH_TOKEN>%26oauth_version%3D1.0

array(6) {
  ["sbs"]=> string(369) "POST&https%3A%2F%2Fsandbox-quickbooks.api.intuit.com%2Fv3%2Fcompany%2F<REALM_ID>%2Fquery&minorversion%3D3%26oauth_consumer_key%3DI360v9TvxGoU7UoBYesJFUiRAkVQ8OQfV4Cbl2oN%26oauth_nonce%3D2172856b0bd6c51a491.36540409%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1454423404%26oauth_token%3DqyprdWBRfbyvECJdjDA98qR6G9oPvReu65EuFtFomxS5UPXP%26oauth_version%3D1.0"
  ["headers_sent"]=> string(532) "POST /v3/company/<REALM_ID>/query?minorversion=3 HTTP/1.1 host: sandbox-quickbooks.api.intuit.com user-agent: V3PHPSDK2.2.0 accept: */* connection: close content-type: application/text Authorization: OAuth oauth_consumer_key="<CONSUMER_KEY>",oauth_signature_method="HMAC-SHA1",oauth_nonce="2172856b0bd6c51a491.36540409",oauth_timestamp="1454423404",oauth_version="1.0",oauth_token="<OAUTH_TOKEN>",oauth_signature="<ALPHA_NUM_STRING>" Content-Length: 53"
  ["headers_recv"]=> string(147) "HTTP/1.1 401 Unauthorized Server: nginx/1.8.0 Date: Tue, 02 Feb 2016 14:29:35 GMT Content-Type: text/xml Content-Length: 797 Connection: close"
  ["body_sent"]=> string(53) "select * from Account startPosition 1 maxResults 1000"
  ["body_recv"]=> string(797) " message=ApplicationAuthenticationFailed; errorCode=003200; statusCode=401 SignatureBaseString: POST&https%3A%2F%2Fsandbox-quickbooks.api.intuit.com%2Fv3%2Fcompany%2F<REALM_ID>%2Fquery&minorversion%3D3%26oauth_consumer_key%3D<CONSUMER_KEY>%26oauth_nonce%3D2172856b0bd6c51a491.36540409%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1454423404%26oauth_token%3D<OAUTH_TOKEN>%26oauth_version%3D1.0 "
  ["info"]=> string(1280) "Adding handle: conn: 0x3a3c70 Adding handle: send: 0 Adding handle: recv: 0 Curl_addHandleToPipeline: length: 1 - Conn 5 (0x3a3c70) send_pipe: 1, recv_pipe: 0 About to connect() to sandbox-quickbooks.api.intuit.com port 443 (#5) Trying 12.149.173.155... Connected to sandbox-quickbooks.api.intuit.com (12.149.173.155) port 443 (#5) SSLv3, TLS handshake, Client hello (1): SSLv3, TLS handshake, Server hello (2): SSLv3, TLS handshake, CERT (11): SSLv3, TLS handshake, Server finished (14): SSLv3, TLS handshake, Client key exchange (16): SSLv3, TLS change cipher, Client hello (1): SSLv3, TLS handshake, Finished (20): SSLv3, TLS change cipher, Client hello (1): SSLv3, TLS handshake, Finished (20): SSL connection using AES256-SHA256 Server certificate: subject: C=US; ST=California; L=San Diego; O=INTUIT INC.; OU=Tech Ops; CN=*.api.intuit.com start date: 2015-11-23 00:00:00 GMT expire date: 2016-11-23 23:59:59 GMT issuer: C=US; O=Symantec Corporation; OU=Symantec Trust Network; CN=Symantec Class 3 Secure Server CA - G4 SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway. upload completely sent off: 53 out of 53 bytes Server nginx/1.8.0 is not blacklisted Closing connection 5 SSLv3, TLS alert, Client hello (1): " }

ERROR MESSAGE: message=ApplicationAuthenticationFailed; errorCode=003200; statusCode=401 SignatureBaseString: POST&https%3A%2F%2Fsandbox-quickbooks.api.intuit.com%2Fv3%2Fcompany%2F<REALM_ID>%2Fquery&minorversion%3D3%26oauth_consumer_key%3D<CONSUMER_KEY>%26oauth_nonce%3D2172856b0bd6c51a491.36540409%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1454423404%26oauth_token%3D<OAUTH_TOKEN>%26oauth_version%3D1.0

Note that
  <CONSUMER_KEY> matches what is listed in the App page on intuit under OAuth Consumer Key
  <OAUTH_TOKEN> matches what is returned from connect to quickbooks as the oauth token
  <REALM_ID> matches what is returned from connect to quickbooks as the realm id
  <ALPHA_NUM_STRING> is a string of alphanumeric characters (which look like a key string) that I do not recognize as coming from somewhere else.

I am sure I am doing something simple wrongly, but I cannot see it. Any advice would be greatly appreciated.

Thanks in advance.
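
Added example (not part of the original post and not Intuit SDK code): how an OAuth 1.0 HMAC-SHA1 request like the one dumped above is signed, and how the SignatureBaseString echoed in the 401 body can be compared with one built locally. The realm ID, keys and secrets are constructed placeholders and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
from urllib.parse import parse_qsl, quote, urlsplit

def pct(value):
    # RFC 3986 percent-encoding as used by OAuth 1.0 (RFC 5849, section 3.6).
    return quote(value, safe="-._~")

def signature_base_string(method, url, oauth_params):
    parts = urlsplit(url)
    base_url = f"{parts.scheme}://{parts.netloc}{parts.path}"
    # URL query parameters are signed together with the oauth_* parameters;
    # a non-form body (content-type application/text in the dump) is not.
    pairs = parse_qsl(parts.query, keep_blank_values=True) + list(oauth_params.items())
    encoded = sorted((pct(k), pct(v)) for k, v in pairs)
    normalized = "&".join(f"{k}={v}" for k, v in encoded)
    return "&".join([method.upper(), pct(base_url), pct(normalized)])

def sign(base_string, consumer_secret, token_secret):
    # The HMAC key is built from the two secrets, which never travel on the
    # wire. The result is the oauth_signature value in the Authorization header.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base_string.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()

def compare_with_server_echo(local_sbs, server_sbs):
    if local_sbs == server_sbs:
        return "match: request was built as the server saw it; check secrets and token state"
    limit = min(len(local_sbs), len(server_sbs))
    offset = next((i for i in range(limit) if local_sbs[i] != server_sbs[i]), limit)
    return f"mismatch at offset {offset}: {local_sbs[offset:offset + 40]!r}"

# Constructed sample values; nonce and timestamp are the ones in the dump above.
URL = "https://sandbox-quickbooks.api.intuit.com/v3/company/1234567890/query?minorversion=3"
PARAMS = {
    "oauth_consumer_key": "exampleConsumerKey",
    "oauth_nonce": "2172856b0bd6c51a491.36540409",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1454423404",
    "oauth_token": "exampleToken",
    "oauth_version": "1.0",
}
SBS = signature_base_string("POST", URL, PARAMS)

if __name__ == "__main__":
    print(SBS)
    print(sign(SBS, "exampleConsumerSecret", "exampleTokenSecret"))
    print(compare_with_server_echo(SBS, SBS))
```

A matching base string with a 401 means the request itself was assembled correctly, so the remaining inputs to check are the two secrets used as the HMAC key and whether the token is still valid.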


Solution

  • Please see the sandbox keys and base URL you need to use here. Please refer to:
    https://developer.intuit.com/v2/blog/2014/10/20/changes-to-ipp-app-tokens
    https://developer.intuit.com/blog/2014/10/24/intuit-developer-now-offers-quickbooks-sandboxes

    EDIT: So if you have used dev app keys/tokens and the sandbox URL, then your OAuth should work fine. 401 is a tokens expired/invalidated error and can occur in the following cases:

    401 errors occur when users other than the master admin try to log in for the realm, or when the wrong email ID is used to log in. They can also happen when some other user or the master admin tries to use the Connect to Quickbooks button again for the same realm using the same tokens if the master admin is deleted in the QBO company. Another reason is when the admin disconnects the realm/company manually, which invalidates tokens. 401 can also occur when there are outages at our end.

    The most obvious reason is the 180-day expiry of tokens. Apart from that, service issues at our end can also disconnect tokens/invalidate tokens and give 401 errors at your end.

    To regenerate tokens: If 180 days are not over and the days left for token expiry > 30 days / 180 days over, then email them to Disconnect and Reconnect using the Connect to Quickbooks button. If 180 days are going to be over and the days left for token expiry are within 30 days, then your system needs to use the Reconnect APIs to renew existing tokens. https://developer.intuit.com/v2/docs/0050_quickbooks_api/0020_authentication_and_authorization/oauth_management_api