Google Apps Script Oauth2 for quickbooks with Goa

Apps Script / Oauth2 (Easy level) posted on 18th Oct 2017

The quickbooks Rest API is a simple, standard API. It's been added to the Goa library list of services.

Goa library is available with this key.

Quickbooks dashboard

Like other APIS, there's a dashboard at which you need to create an application and get credentials. All you'll need is a client id and secret

One off function

If you're familiar with Goa, you'll know that there is a one off function you create to store your credentials, which can be deleted after running. For Classy it looks like this. Note that I'm using the Script Properties as I'm only going to use these credentials for my own script.
function oneOff (){
cGoa.GoaApp.setPackage (PropertiesService.getScriptProperties() , {
clientId: CLIENT_ID,
clientSecret: CLIENT_SECRET,
packageName: 'Quickbooks',
scopes: [""],

The main points are
  • The id, account and secret come from the quickbooks console
  • I've called this particular profile 'quickbooks'. You can call it what you like.
  • There may be other quickbook scopes you need to add to the scopes array
Once you've run this, you're good to go and you can delete it from your script if you want. It won't be needed again.

To use

Depending on what you are using it for you'll need a UI for the consent dialog. This example uses a published web app. One you've run this once and authorized it , you won't need this again. It will tell you the redirect URL to copy to your quickbooks developer console.
function doGet(e) {
  // change this to whatever store & credentials name are being used
  var goa = cGoa.GoaApp.createGoa ('Quickbooks',PropertiesService.getScriptProperties()).execute(e);
  // it's possible that we need consent - this will cause a consent dialog
  if (goa.needsConsent()) {
    return goa.getConsent();
  // if we get here its time for your webapp to run and we should have a token, or thrown an error somewhere
  if (!goa.hasToken()) throw 'something went wrong with goa - did you check if consent was needed?';
  // This is a webapp doing whaever its supposed to do
  // now return it as normal
  return HtmlService.createHtmlOutput ("You're good to go and this webapp is no longer needed")

You can then use it in your main app like this. 
function testGoa() {
  var goa = cGoa.make('Quickbooks', PropertiesService.getScriptProperties());

  // check it worked
  if (!goa.hasToken()) {
    throw 'no token';
  var url = "";
  var result = UrlFetchApp.fetch(url, {
    headers: {
      Accept: 'application/json',
      Authorization:"Bearer " + goa.getToken()
  Logger.log (result.getContentText());

For more like this, see Google Apps Scripts snippets. Why not join our forumfollow the blog or follow me on twitter to ensure you get updates when they are available.