An MCP server for QuickBooks Online — built for bookkeepers, CFOs, and accountants who use AI assistants in their daily workflow.
Ask your AI assistant to pull a P&L report, create a journal entry, or investigate an account balance — using plain language, not API payloads.
Intuit provides an official MCP server that's a solid starting point for developers exploring the QuickBooks API. This server takes a different approach: it's designed for financial professionals working in production books.
Intuit's server requires QuickBooks internal IDs for every reference — you need to look up a vendor's ID before creating a bill. This server resolves names automatically:
"Create a bill for PG&E, $450 to Utilities, dated 2025-01-15"
→ Vendor, account, and department names are resolved automatically
This is the only QuickBooks MCP server with report tools. Pull a P&L, Balance Sheet, or Trial Balance — broken down by month, department, or class — without leaving your AI conversation.
Every create and edit operation defaults to draft/preview mode. You see exactly what will be written to your books before committing. No accidental journal entries or misclassified expenses.
Instead of separate search tools for each entity type, a single SQL-like query tool works across all QuickBooks entities. AI assistants write SQL naturally, and QuickBooks validates it — no field whitelists to maintain.
"SELECT * FROM Purchase WHERE TxnDate >= '2025-01-01' AND TxnDate <= '2025-01-31'"
Store credentials locally for personal use, or in AWS Secrets Manager for shared environments. OAuth tokens refresh automatically and persist across sessions.
| Intuit Official | This Server | |
|---|---|---|
| Audience | Developers exploring the API | Bookkeepers, CFOs, accountants |
| Name resolution | Requires internal QB IDs | Resolves names automatically |
| Financial reports | None | P&L, Balance Sheet, Trial Balance |
| Write safety | Executes immediately | Draft preview by default |
| Query approach | Entity-specific search tools | SQL-like queries across all entities |
| Credentials | Local .env file |
Local file or AWS Secrets Manager |
| Distribution | Clone from GitHub | npx quickbooks-mcp |
- QuickBooks Developer Account: Register at developer.intuit.com
- Node.js 18+
Choose the setup that fits your use case:
| Setup | Best For |
|---|---|
| NPM Install | Quick setup, using your own QuickBooks app |
| Local Checkout | Development, customization |
| AWS Mode | Shared/production environments |
The simplest way to get started. Credentials are stored locally on your machine.
- Go to developer.intuit.com and sign in
- Create a new app (or select an existing one)
- Go to "Keys & credentials"
- Note your Client ID and Client Secret
- Under "Redirect URIs", add:
https://developer.intuit.com/v2/OAuth2Playground/RedirectUrl
Add to your project's .mcp.json:
{
"mcpServers": {
"quickbooks": {
"command": "npx",
"args": ["-y", "quickbooks-mcp"]
}
}
}Create ~/.quickbooks-mcp/credentials.json:
{
"client_id": "your_client_id",
"client_secret": "your_client_secret"
}Once Claude Code is running, use the qbo_authenticate tool:
- Call
qbo_authenticatewith no arguments to get an authorization URL - Open the URL in your browser and authorize the app
- Copy the
codeandrealmIdfrom the redirect URL - Call
qbo_authenticateagain with the authorization code and realm ID
Your OAuth tokens will be saved and automatically refreshed.
For development or customization.
Follow the same steps as Option 1 above.
git clone https://github.com/laf-rge/quickbooks-mcp.git
cd quickbooks-mcp
npm install
npm run buildAdd to your project's .mcp.json:
{
"mcpServers": {
"quickbooks": {
"command": "node",
"args": ["/path/to/quickbooks-mcp/dist/index.js"]
}
}
}Create ~/.quickbooks-mcp/credentials.json with your client credentials (same as Option 1), then run qbo_authenticate to complete the OAuth flow.
For shared or production environments. Stores credentials in AWS Secrets Manager.
Create the secret in Secrets Manager:
aws secretsmanager create-secret \
--name prod/qbo \
--secret-string '{
"client_id": "your_client_id",
"client_secret": "your_client_secret",
"access_token": "your_access_token",
"refresh_token": "your_refresh_token",
"redirect_url": "https://developer.intuit.com/v2/OAuth2Playground/RedirectUrl"
}'Store Company ID in SSM Parameter Store:
aws ssm put-parameter \
--name /prod/qbo/company_id \
--value "your_company_id" \
--type SecureStringCreate a .env file in the quickbooks-mcp directory:
QBO_CREDENTIAL_MODE=aws
AWS_REGION=us-east-2
QBO_SECRET_NAME=prod/qbo
QBO_COMPANY_ID_PARAM=/prod/qbo/company_idNote: Due to a known Claude Code bug, environment variables from
.mcp.jsonare not reliably passed to MCP servers. The.envfile workaround is required.
{
"mcpServers": {
"quickbooks": {
"command": "node",
"args": ["/path/to/quickbooks-mcp/dist/index.js"]
}
}
}The server needs these AWS permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"secretsmanager:GetSecretValue",
"secretsmanager:PutSecretValue"
],
"Resource": "arn:aws:secretsmanager:*:*:secret:prod/qbo*"
},
{
"Effect": "Allow",
"Action": ["ssm:GetParameter"],
"Resource": "arn:aws:ssm:*:*:parameter/prod/qbo/*"
}
]
}If you have one QuickBooks account with multiple companies, you can connect them all by running a separate MCP server instance per company. Each instance uses the same Intuit developer app (same Client ID and Secret) but has its own credential file storing that company's OAuth tokens and Realm ID.
Note: This section covers multiple companies under a single QuickBooks account (one login, multiple company files). If you have separate QuickBooks accounts (different logins), each account requires its own Intuit developer app with its own Client ID and Secret.
Each company gets its own credential file. The files only need your Client ID and Client Secret to start; the OAuth tokens and Realm ID are added when you authenticate.
mkdir -p ~/.quickbooks-mcp
# Create a starter credential file for each company
for company in acme widgets holdco; do
echo '{ "client_id": "YOUR_CLIENT_ID", "client_secret": "YOUR_CLIENT_SECRET" }' \
> ~/.quickbooks-mcp/${company}.json
chmod 600 ~/.quickbooks-mcp/${company}.json
doneIn your .mcp.json, create a separate entry for each company. They all point to the same server binary but use different credential files via QBO_CREDENTIAL_FILE:
{
"mcpServers": {
"quickbooks-acme": {
"command": "npx",
"args": ["-y", "quickbooks-mcp"],
"env": {
"QBO_CLIENT_ID": "ABxx...your_client_id",
"QBO_CLIENT_SECRET": "RRxx...your_client_secret",
"QBO_CREDENTIAL_FILE": "/Users/you/.quickbooks-mcp/acme.json",
"QBO_INLINE_OUTPUT": "true",
"QBO_SANDBOX": "false"
}
},
"quickbooks-widgets": {
"command": "npx",
"args": ["-y", "quickbooks-mcp"],
"env": {
"QBO_CLIENT_ID": "ABxx...your_client_id",
"QBO_CLIENT_SECRET": "RRxx...your_client_secret",
"QBO_CREDENTIAL_FILE": "/Users/you/.quickbooks-mcp/widgets.json",
"QBO_INLINE_OUTPUT": "true",
"QBO_SANDBOX": "false"
}
},
"quickbooks-holdco": {
"command": "npx",
"args": ["-y", "quickbooks-mcp"],
"env": {
"QBO_CLIENT_ID": "ABxx...your_client_id",
"QBO_CLIENT_SECRET": "RRxx...your_client_secret",
"QBO_CREDENTIAL_FILE": "/Users/you/.quickbooks-mcp/holdco.json",
"QBO_INLINE_OUTPUT": "true",
"QBO_SANDBOX": "false"
}
}
}
}After restarting your AI assistant, authenticate each company one at a time. The OAuth flow will ask you to select which company to authorize:
- Call
qbo_authenticateon the quickbooks-acme server (no arguments) to get an authorization URL - Open the URL, sign in, and select the Acme company when prompted
- Copy the
codeandrealmIdfrom the redirect URL - Call
qbo_authenticateagain with the code and realmId to complete the flow - Repeat for each company
Each company's OAuth tokens and Realm ID are saved to its own credential file. Tokens refresh automatically and independently.
Each MCP server instance is completely independent. Your AI assistant sees them as separate tool namespaces (e.g., quickbooks-acme__query vs quickbooks-widgets__query), so you can query across all companies in parallel or work with one at a time.
By default, large responses (reports, query results) are written to /tmp files and the server returns a file path. This works well for Claude Code in terminal environments but breaks in Claude Desktop and plugin environments where the model cannot read from /tmp.
Set QBO_INLINE_OUTPUT=true to return all responses inline instead.
Option A — via .env file (recommended for local checkout):
Create a .env file in the quickbooks-mcp directory:
QBO_INLINE_OUTPUT=trueOption B — via .mcp.json env block (recommended for NPM install):
{
"mcpServers": {
"quickbooks": {
"command": "npx",
"args": ["-y", "quickbooks-mcp"],
"env": {
"QBO_CREDENTIAL_MODE": "local",
"QBO_CREDENTIAL_FILE": "~/.quickbooks-mcp/credentials.json",
"QBO_INLINE_OUTPUT": "true"
}
}
}
}Note: Due to a known Claude Code bug, environment variables from
.mcp.jsonare not reliably passed to MCP servers in some configurations. If Option B doesn't work, use the.envfile workaround.
| Variable | Default | Description |
|---|---|---|
QBO_CREDENTIAL_MODE |
local |
Credential storage: local or aws |
QBO_CLIENT_ID |
- | QuickBooks app Client ID (local mode) |
QBO_CLIENT_SECRET |
- | QuickBooks app Client Secret (local mode) |
QBO_CREDENTIAL_FILE |
~/.quickbooks-mcp/credentials.json |
Custom credential file path |
QBO_INLINE_OUTPUT |
false |
Return responses inline instead of writing to /tmp files. Required when using Claude Desktop or plugin environments where file-based output is not accessible to the model. |
QBO_SANDBOX |
false |
Use QuickBooks sandbox environment |
AWS_REGION |
us-east-2 |
AWS region (aws mode) |
QBO_SECRET_NAME |
prod/qbo |
Secrets Manager secret name (aws mode) |
QBO_COMPANY_ID_PARAM |
/prod/qbo/company_id |
SSM parameter path (aws mode) |
| Tool | Description |
|---|---|
| Setup | |
qbo_authenticate |
Set up OAuth credentials (local mode only) |
get_company_info |
Get connected company information |
| Query & Reports | |
query |
Run SQL-like queries against any QuickBooks entity |
list_accounts |
List chart of accounts with filtering |
create_account |
Create a new account (top-level or sub-account) in the chart of accounts |
edit_account |
Rename, deactivate, re-parent, or edit description/number of an existing account |
get_profit_loss |
Profit & Loss report (by month, department, class, etc.) |
get_balance_sheet |
Balance Sheet report |
get_trial_balance |
Trial Balance report |
query_account_transactions |
All transactions affecting a specific account |
account_period_summary |
Period summary for an account (opening/closing balance, debits, credits, count) |
| Journal Entries | |
create_journal_entry |
Create a journal entry (validates debits = credits) |
get_journal_entry |
Fetch a journal entry by ID |
edit_journal_entry |
Modify an existing journal entry |
| Bills | |
create_bill |
Create a vendor bill |
get_bill |
Fetch a bill by ID |
edit_bill |
Modify an existing bill |
| Expenses | |
create_expense |
Create an expense (Cash, Check, or Credit Card) |
get_expense |
Fetch an expense by ID |
edit_expense |
Modify an existing expense |
bulk_edit_expense |
Apply edit_expense to a batch of purchases in one call with per-item status |
| Sales Receipts | |
create_sales_receipt |
Create a sales receipt with item lines |
get_sales_receipt |
Fetch a sales receipt by ID |
edit_sales_receipt |
Modify an existing sales receipt |
| Invoices | |
create_invoice |
Create an invoice with item lines (customer required) |
get_invoice |
Fetch an invoice by ID |
edit_invoice |
Modify an existing invoice |
| Deposits | |
create_deposit |
Create a bank deposit |
get_deposit |
Fetch a deposit by ID |
edit_deposit |
Modify an existing deposit |
| Vendor Credits | |
create_vendor_credit |
Create a vendor credit |
get_vendor_credit |
Fetch a vendor credit by ID |
edit_vendor_credit |
Modify an existing vendor credit |
| Customers | |
create_customer |
Create a customer or sub-customer |
get_customer |
Fetch a customer by ID |
edit_customer |
Modify an existing customer (set active=false to deactivate) |
| Vendors | |
create_vendor |
Create a vendor with contact info, 1099 status, and payment terms |
get_vendor |
Fetch a vendor by ID (tax ID returned masked) |
edit_vendor |
Modify an existing vendor (set active=false to deactivate) |
| Bill Payments | |
create_bill_payment |
Record a bill payment (Check or CreditCard) linked to vendor bills |
get_bill_payment |
Fetch a bill payment by ID |
edit_bill_payment |
Modify an existing bill payment |
| Employees | |
get_employee |
Fetch an employee by ID |
edit_employee |
Modify an existing employee (set active=false to deactivate) |
| Delete | |
delete_entity |
Delete any transaction (journal entry, bill, invoice, deposit, sales receipt, expense, vendor credit, bill payment) |
| Attachments | |
create_attachment |
Upload a file from disk and link it to an existing QBO entity (Bill, Invoice, Purchase/Expense, JournalEntry, etc.) |
The server automatically refreshes OAuth tokens on each request and persists them back to your credential store (local file or AWS Secrets Manager).
npm run dev # Run in development mode
npm run build # Build
npm run typecheck # Type checkRun the qbo_authenticate tool to set up OAuth credentials (local mode only).
Authorization codes are only valid for a few minutes. Start the OAuth flow again.
- Check that your refresh token hasn't expired (~100 days)
- Verify your client credentials are correct
- Try re-authenticating with
qbo_authenticate
- Ensure
.envfile hasQBO_CREDENTIAL_MODE=aws - Check your AWS credentials and permissions
- Verify the secret and parameter names match your configuration