Getting Started with QuickBooks Online Webhooks
Webhooks finally have landed.
You can start rewriting your CDC polling code now . Well maybe not. As a prerequisite for this tutorial you need to be able to start up the qbo_api example app. If you haven't done that, do it now and come back.
- Switch into your local
qbo_api
directory. - Start up the example app
- Go to your QuickBooks Online API app you created for your start up example and click on the "Settings" link.
- Go down to the "Webhooks" section. You will see that we need to submit a URL so Intuit can POST webhook requests to. The standard way to do this in development is to use ngrok.
- Download ngrok and put it in a auto-loaded path. e.g.
/usr/local/bin/
- Fire up ngrok on port 9393.
- Copy the
https://
url that thengrok
generates. - Next, go back to https://developer.intuit.com and put this URL with
/webhooks
added to the end of it. - Enable "Estimate" events to receive webhooks and hit "Save".
- Let's add the
/webhooks
route to the example app. - Open up
example/app.rb
and add thispost
route. - Next, let's add the
verify_webhook
method. - You'll also need to require the
openssl
andbase64
libraries. - You are going to need to add the
VERIFIER_TOKEN
variable. - Go back Intuit Developer and copy the verifier token to your clipboard.
- Add the verifier token to the
.env
file like so: - Then in the
example/app.rb
put in this (below theCONSUMER_SECRET
constant): - Open up your sandbox that was used when performing Spinning up an example app step.
- Copy this URL (
https://sandbox.qbo.intuit.com/app/estimate?txn=100
) and paste into the address bar after logging into the sandbox to go directly to Estimate 1001. - Change the Status from "Pending" to "Accepted" and hit "Save".
- Go back the console where example app is running and look for the incoming request.
- From this point you want to parse the JSON, putting the results into a queue for backend processing.
$ shotgun example/app.rb
$ ngrok http 9393
post '/webhooks' do request.body.rewind data = request.body.read puts JSON.parse data verified = verify_webhook(data, env['HTTP_INTUIT_SIGNATURE']) puts "Verified: #{verified}" end
helpers do def verify_webhook(data, hmac_header) digest = OpenSSL::Digest.new('sha256') calculated_hmac = Base64.encode64(OpenSSL::HMAC.digest(digest, VERIFIER_TOKEN, data)).strip calculated_hmac == hmac_header end end
require 'openssl' require 'base64'
This section is at the 7:47 mark.
... export QBO_API_COMPANY_ID=1441111111 export QBO_API_VERIFIER_TOKEN=[put here]
VERIFIER_TOKEN = ENV['QBO_API_VERIFIER_TOKEN']
This section is at the 10:10 mark.
Conclusion
QuickBooks Online Webhooks support is going to radically simplify syncing user actions on QBO to your app. I am planning on perhaps 2 more webhooks tutorials so sign up for the newsletter below. Lastly, make sure you read Intuit's Best Practices section.
- Pushed on 07/26/2016 by Christian
- QuickBooks Integration Consulting