Authentication (OAuth)
This article explains how to connect your QuickBooks Online (QBO) company to a Model Reef model using OAuth, what the connection is used for, and how to fix common authentication issues.
You will learn how to:
Connect a QBO company to a specific model.
Understand what data Model Reef reads from QBO.
Work with multiple companies or environments.
Reconnect if access is revoked or tokens expire.
What the QuickBooks connection is used for
The QuickBooks integration is used to:
Import the Chart of Accounts (COA).
Import historical actuals for P&L and Balance Sheet accounts.
Refresh actuals over time so your model stays aligned with the ledger.
By default, Model Reef uses read only access for these flows. It does not post journals, invoices or other operational transactions into QuickBooks through this integration.
Any budget push or other write behaviour is handled through explicit, separate workflows.
Connecting a QuickBooks company to a model
You connect QuickBooks at the model level. Each Model Reef model can be linked to one QuickBooks company.
Permissions and security
The QuickBooks OAuth flow grants Model Reef a scoped access token that allows it to:
Read the Chart of Accounts.
Read account balances and transaction level data needed to build actuals.
Read basic company metadata that may be useful for reporting.
The integration does not use this connection to:
Create or edit invoices or bills.
Post or update general ledger journals.
Change users, tax settings or other administrative options in QuickBooks.
Run payroll or bank feed operations.
Tokens are stored securely and refreshed using Intuit's standard OAuth refresh mechanism where supported.
If you revoke access from within QuickBooks, the connection inside Model Reef will stop working until you reconnect.
Connecting multiple companies
You can connect different Model Reef models to different QuickBooks companies. Common patterns include:
One model per legal entity, each linked to the corresponding QBO company.
One consolidation model that pulls COA and actuals from several companies, mapping each into branches.
Test or sandbox models linked to QBO sample companies for training and experimentation.
Each model stores its own QuickBooks connection. Connections are not shared across models.
Reconnecting and troubleshooting authentication
If authentication fails or expires, you may see:
Errors when starting a COA or actuals import.
Messages indicating that the QuickBooks token has expired or that access was revoked.
Partial or empty results when attempting to refresh data.
To fix:
Best practices
Use a QuickBooks user account that has read access to all relevant accounts and periods.
Avoid linking production models to demo or training companies.
Maintain a simple mapping between Model Reef models and QuickBooks companies and document this for your team.
If you perform security reviews that revoke third party access, remember to reconnect affected models afterwards.
Related articles
Last updated