How the Connection Works
Lean Income uses Intuit OAuth 2.0 with the QuickBooks Online Accounting scope. The app stores OAuth state server-side, validates that state on callback, and stores access and refresh tokens securely in the backend. Tokens are never displayed in the browser or returned in API responses.
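An added example, not Lean Income's own code: one way to implement the server-side state check described above, so that a callback is accepted only if its state was issued to the same session, has not expired, and has not been used before. The `OAuthStateStore` class, the in-memory dictionary, the session identifier and the 10-minute lifetime are assumptions for illustration.

```python
import hmac
import secrets
import time

STATE_TTL_SECONDS = 600  # assumed lifetime; the page does not state one


class OAuthStateStore:
    """In-memory stand-in for a server-side OAuth state store (assumption)."""

    def __init__(self, now=time.time):
        self._pending = {}  # session_id -> (state, expires_at)
        self._now = now     # injectable clock so expiry can be tested

    def issue(self, session_id):
        """Create an unguessable state value tied to one user session."""
        state = secrets.token_urlsafe(32)
        self._pending[session_id] = (state, self._now() + STATE_TTL_SECONDS)
        return state

    def validate(self, session_id, returned_state):
        """Check the state echoed on the callback; each value works once."""
        # pop() removes the entry whether or not the check passes, so a
        # replayed or guessed callback cannot be retried against it.
        entry = self._pending.pop(session_id, None)
        if entry is None or not returned_state:
            return False
        expected, expires_at = entry
        if self._now() > expires_at:
            return False
        # Constant-time comparison avoids leaking how many characters match.
        return hmac.compare_digest(expected.encode(), returned_state.encode())


if __name__ == "__main__":
    store = OAuthStateStore()
    state = store.issue("session-123")             # constructed session id
    print(store.validate("session-123", state))    # legitimate callback
    print(store.validate("session-123", state))    # replay of the same state
```

Only after `validate` returns true should the backend exchange the authorization code for tokens.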
Data Access and API Calls
The app currently reads QuickBooks Online accounting data for authorized internal workflows such as reporting, reconciliation support, transaction categorization support, payment review, and financial summaries. It does not delete QuickBooks data and does not autonomously write transactions to QuickBooks.
Reconnect Behavior
If an access token expires, Lean Income uses the stored refresh token to request a new access token and stores the latest token values returned by Intuit. If authorization cannot be refreshed, the connection is marked as needing reconnection and the authorized user can reconnect through this page.