Log inApply for Beta
Back to home
Integration · QuickBooks Online

QuickBooks Online

TAO connects to QuickBooks Online through Intuit's OAuth 2.0 and OpenID Connect, scoped to the specific company file (realmId) you authorise. We request the accounting scope to drive quoting, invoicing, and reconciliation, and the OpenID scopes for identity — nothing payroll, nothing payments processing, nothing beyond what TAO actually uses on screen.

Apply for Beta All data & permissions

How the connection works

OAuth 2.0 + OpenID Connect via Intuit's authorization server. After consent, Intuit returns an authorization code plus a realmId identifying the QuickBooks company file. TAO exchanges the code for an access token (1 hour) and refresh token (100 days, rolling), and stores one connection per realmId so multi-entity customers can link several company files.

Scopes TAO requests

We request only the scopes the connected features actually use. Each scope, why we ask for it, and which tier it sits in for QuickBooks Online:

ScopeTierWhat it's for
com.intuit.quickbooks.accountingaccountingRead and write customers, invoices, payments, items, and reports for the connected company
openididentitySign the user in via OpenID Connect
profileidentityRead the user's Intuit display name
emailidentityRead the user's Intuit email for account matching
phoneidentityRead phone where the user has shared it, for contact reconciliation
addressidentityRead address where the user has shared it, for billing reconciliation

What TAO accesses

The connected features read specific QuickBooks Online data — and only what's needed for the operational record visible inside TAO.

  • Customers, vendors, and items for the connected QuickBooks company file
  • Invoices, estimates, and payments TAO creates or reads against active jobs
  • Chart of accounts, tax codes, and classes so TAO posts to the right ledger lines
  • Company info and report data for TAO dashboards

What TAO never does with this data

Some commitments are easier to read as a list.

  • We do not request the payments scope — we do not process card or ACH payments through QuickBooks Payments
  • We do not request the payroll scope — employee and payroll data stays in QuickBooks
  • We do not train models on your accounting data or share it with third parties
  • We do not access company files you have not explicitly connected to TAO
  • We do not use your Intuit identity for advertising or audience profiling

Use of data — disclosure

TAO uses QuickBooks Online data only to deliver the accounting workflows visible inside TAO. Access is scoped to the realmId you authorise — TAO cannot read or write other company files. We follow Intuit's API and data-handling requirements, including encryption in transit and at rest, breach notification, and prompt token revocation on disconnect. We don't sell your data, we don't train models on it, and we don't transfer it outside TAO except where you initiate the transfer or law requires it.

OAuth consent screen + listing

The exact configuration TAO submits to QuickBooks Online for every customer connection — keep this aligned with the public site for reviewers and consent dialogs.

  • App name = TAO, published by The Artificial Organisation on the Intuit App Store
  • End user license agreement URL = https://theartificialorganisation.com/terms
  • Privacy policy URL = https://theartificialorganisation.com/privacy
  • Host domain = theartificialorganisation.com matches the launch and redirect URIs
  • Scopes shown at consent time = Accounting plus OpenID identity scopes only
  • Support contact email monitored and resolved within one business day

Verification + review path

TAO is registered on the Intuit Developer portal and progresses through Intuit's go-live path: development sandbox → production keys → app assessment against Intuit's security requirements (TLS, OWASP ASVS, breach response, data retention) → publication on the Intuit App Store. Intuit re-reviews listed apps periodically, and TAO maintains an active production app status with current security attestations.

How to disconnect

Open https://qbo.intuit.com → Settings → Apps → My Apps, find TAO, and click Disconnect. You can also disconnect from inside TAO at Settings → Integrations → QuickBooks → Disconnect; TAO calls Intuit's revoke endpoint, drops the realmId connection, and permanently deletes cached QuickBooks data within 24 hours.

Reference: QuickBooks Online developer documentation

Canonical QuickBooks Online reference: https://developer.intuit.com/app/developer/qbo/docs/develop/authentication-and-authorization/oauth-2.0

See also the full Data & Permissions page for the side-by-side comparison across all providers TAO connects to, and the Privacy Policy for retention, deletion, and your rights.

You might also want

XeroSMB accounting on granular OAuth scopes.Google WorkspaceGmail, Calendar, Contacts, Drive — through reviewed OAuth.

Want to see this running on the apps you already use? Apply for the beta, or tell us what your team is trying to run from one place.

Apply for Beta All data & permissions
Sign inApply for Beta