This document serves as a brief description of how you go about setting up Intuit Quickbooks to work with CiviCRM 4.x
- follow the instruction to install the extension: Extensions Admin
You should now be able to view the following screen when you set up Intuit Quickbooks Payment Processor.Click here to expand...
- The next thing that we need to do is apply for a merchant services account. This is done via the quicken website at the following URL.
Test : https://merchantaccount.ptc.quickbooks.com/j/mas/signup?nonQBmerchant=true
This URL is a link to Intuit’s production software. The “nonQBmerchant=true” portion of the URL lets the software know that you are a developer. During the signup process it will seem like you are signing up for an actual account.Production : https://merchant.intuit.com/signup/start.wspFollow the prompts to obtain your test account. These are self explanatory. However, you’ll need to know a few things that we’ll cover here:
When prompted to supply a valid email address, make sure you supply a valid address that has not been used before in any of the QB Online Edition or QBMS test or production environments. (Ignore any fee information for the test environment: there are no fees in the test environment for test transactions.) That email address will be your login to the test account when you need to login for connection tickets or session tickets.
After you finish applying for the QBMS account, you will see a page that says “Application Submitted.” At this point you are done and you have a ready to use PTC QBMS account! Ignore the “Important Next Steps.”
You will receive an email to the effect that the account is pending. Ignore this email: the account is activated at this point and ready for use.
- Now you need to sign up for a developer account. This account permits you to create and issue the certificates that are necessary for performing transactions with the Intuit services.
You can register for the IDN account here: https://ipp.developer.intuit.com/0090_My_IDN_Account/0010_Register_with_IDN
Navigate to: http://appreg.intuit.com to register your application.
You may choose to create your application using either the desktop security model or the hosted security model.To know about the differences between the two models, you can refer to this link:https://ipp.developer.intuit.com/0085_QuickBooks_Windows_SDK/qbms/0070_Advanced_Topics/Hosted_Security_Model#Hosted_and_Desktop_Security_Model_DifferencesClick here to expand...
- The AppID is the unique key for this application. Is is generated when you create your application on the website and is used to generate a “connection ticket” later on.
One thing that you need to be aware of:
When creating the application, Quickbooks will ask for an “https:\\” callback url for various functions. It is VERY important that these URLs have a VALID SSL certificate issued by a recognized Certificate Authority (CA).
- Issuing Certificate :
Now that you have created the Gateway Application account, you are going to need to create a certificate using Quicken’s certificate tools.
What is this certificate? It is a list of information that allows Quicken to identify your unique application and authenticate it to Quicken’s system.
Basically, when you want to do a transaction for a Merchant, you need two things:
1. A valid certificate issued by Quicken.
2. A valid connection ticket from the merchant whose account you are connecting to.
First you need to create a key file. This is the file that is used to unlock your certificate once it is issued.
openssl genrsa -out <KEYFILE NAME> 1024
openssl genrsa -out abc.com.key 1024
Once this key is generated, you can create your certificate signing request to be transmitted to Intuit.
IMPORTANT: When creating this certificate the Common Name (Your Name) needs to be EXACTLY your.url:your.application.name.
openssl req -new -key <KEYFILE NAME> -out <CSRFILE NAME>
openssl req -new -key /path/abc.com.key -out /tmp/abc.com.csr
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:NY
Locality Name (eg, city) :New York
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company Ltd.
Organizational Unit Name (eg, section) :
Common Name (eg, YOUR name) :www.abc.com:myapp.abc.com
Email Address :
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :
An optional company name :
IMPORTANT NOTE: The Email Address is (by default) attached to the CN. If you enter an email address, the certificate WILL BE REJECTED by Intuit’s servers.
Now that you have a certificate, open it up, copy the text and paste it to Intuit’s web tool at http://appreg.intuit.com:Click here to expand...
It will feed you back two certificates:Click here to expand...
CA Certificate – this is used by your server to verify Intuit’s server. It can be added to your keystore. Your keystore is a list of all of the certificates which your computer considers to be valid.
example (assumes you pasted the CA into the file /tmp/intuit.ca):
cat /tmp/intuit.ca >> /etc/ssl/certs/ca-certificates.crt
Intuit Certificate – this is the certificate presented by your application to the Intuit website to authenticate the system. It should be put in a SECURE place that your web server has access to.
Example (Certificate is located at):
/tmp/pems/intuit.pem (NOTE: For test applications, your Intuit certificate should be named as intuit-test.pem)
Your intuit.pem will be a combination of the key that you created in step 8 and the signed certificate provided by Intuit. You can achieve this by executing
cat /path/abc.com.key >> /tmp/pems/intuit.pem - PEM files need to be stored in /tmp/pems/intuit.pem
In order to get your connection ticket in a hosted security model, you need to visit this URL with your AppID in the URL https://login.ptc.quickbooks.com/j/qbn/sdkapp/confirm?appid=<AppID>&serviceid=1002&appdata=10001.
When we go to that URL we log in with the merchant account that we set up in step 4. Then we check the radio button for your application and hit “use this connection".
What this does is set off a script at Intuit that POSTS data to the URL we entered (https://abc.com/intuit.php) as callback when we registered the application.
Here is a listing of the script that we use to grab this data and write it to a file:
What this does is create a file with the connection ticket in it. Once we have this connection ticket we are ready to go and start doing transactions.
In order to get your connection ticket in a desktop security model, visit the following URL replacing your AppID : https://merchantaccount.ptc.quickbooks.com/j/sdkconnection?appid=<YourAppID>&sessionEnabled=false
Log in with your merchant account details and a screen will appear with the connection ticket. Copy and paste it into your CiviCRM payment processor configuration.
The Site URLs namely
serve as a means of communication between CiviCRM and Intuit Quickbooks.
Your CiviCRM Payment Processor screen should look something like this:
The files needed for the integration of CiviCRM with Intuit Quickbooks can be downloaded from here : https://github.com/webaccess/CiviCRM-Intuit-Payment-Processor
The files need to be placed as below:
CRM/Core/Payment/IntuitQuickbooks.php >> civicrm/CRM/Core/Payment/IntuitQuickbooks.php
CRM/Event/Payment/IntuitQuickbooks.php >> civicrm/CRM/Event/Payment/IntuitQuickbooks.php
CRM/Contribute/Payment/IntuitQuickbooks.php >> civicrm/CRM/Contribute/Payment/IntuitQuickbooks.php
CiviCRM is now successfully configured to accept contributions and communicate with Intuit's servers for payment processing.