I am converting a application to use IPP .net API V3. I have already built all the OAuth and saved the token info. Trying to make connection but always get error. I have checked and recheck all the token data and it appears correct. Where did I go wrong? I am using the DevDefined for OAuth and Intuit.Ipp from NuGet (IPP API V3). I am using my test customer token info but noticed the base URL (from the IPP library) is https://quickbooks.api.intuit.com/. Should that still work?

        Dim accessToken As String = QBOE.GetOAuthItem(Profile.Common.StoreNum, "accessToken")
    Dim accessTokenSecret As String = QBOE.GetOAuthItem(Profile.Common.StoreNum, "accessTokenSecret")
    Dim consumerKey As String = ConfigurationManager.AppSettings("consumerKey")
    Dim consumerSecret As String = ConfigurationManager.AppSettings("consumerSecret")
    Dim oauthValidator As OAuthRequestValidator = New OAuthRequestValidator(accessToken, accessTokenSecret, consumerKey, consumerSecret)

    Dim CompanyID As String = QBOE.GetOAuthItem(Profile.Common.StoreNum, "CompanyID")
    Dim appToken As String = ConfigurationManager.AppSettings("applicationToken")
    Dim context As ServiceContext = New ServiceContext(appToken, CompanyID, IntuitServicesType.QBO, oauthValidator)

    Dim service As DataService = New DataService(context)

    Dim customer As Customer = New Customer()
    'Mandatory Fields
    customer.GivenName = "Mary"
    customer.Title = "Ms."
    customer.MiddleName = "Jayne"
    customer.FamilyName = "Cooper"

    Dim resultCustomer As Customer = TryCast(service.Add(customer), Customer)

Error Message (errors on service.Add) Intuit.Ipp.Exception.InvalidTokenException was unhandled by user code

I checked the calls within fiddler2 and noticed the calls for my OAuth is going through workplace.intuit.com:443 but the IPP calls go through quickbooks.api.intuit.com:443. I also noticed fiddler2 list the IPP call with a Result of 200. Output shown below.

HeaderText: CONNECT quickbooks.api.intuit.com:443 HTTP/1.1 Host: quickbooks.api.intuit.com Proxy-Connection: Keep-Alive

The data sent represents an SSLv3-compatible ClientHello handshake. For your convenience, the data is extracted below.

Major Version: 3 Minor Version: 1 Random: 53 2E 7C 6E A1 F4 02 4D 9D CF 60 C8 22 CA BC E8 67 6E D8 52 88 54 6F E7 D9 29 52 58 5C 2F 2E 52 SessionID: 9E 01 CB DB D6 C8 78 8D D0 E9 A6 5F 02 1E 2C 6D 5D 69 34 FE FD 3E A5 52 EE 19 07 E7 D9 D6 E5 30 Ciphers: [002F] TLS_RSA_AES_128_SHA [0035] TLS_RSA_AES_256_SHA [0005] SSL_RSA_WITH_RC4_128_SHA [000A] SSL_RSA_WITH_3DES_EDE_SHA [C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA [C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA [C009] TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA [C00A] TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA [0032] TLS_DHE_DSS_WITH_AES_128_SHA [0038] TLS_DHE_DSS_WITH_AES_256_SHA [0013] SSL_DHE_DSS_WITH_3DES_EDE_SHA [0004] SSL_RSA_WITH_RC4_128_MD5

Reply Text: HTTP/1.1 200 Blind-Connection Established FiddlerGateway: Direct StartTime: 01:17:18.298 EndTime: 01:17:18.536

This is a CONNECT tunnel, through which encrypted HTTPS traffic flows. To view the encrypted sessions inside this tunnel, ensure that the Tools > Fiddler Options > HTTPS > Decrypt HTTPS traffic option is checked.

The data sent represents an SSLv3-compatible ServerHello handshake. For your convenience, the data is extracted below.

Major Version: 3 Minor Version: 1 SessionID: 9E 01 CB DB D6 C8 78 8D D0 E9 A6 5F 02 1E 2C 6D 5D 69 34 FE FD 3E A5 52 EE 19 07 E7 D9 D6 E5 30 Random: 63 E2 D0 B1 09 45 E0 28 A4 3B 0B C2 E8 5F 08 F0 D5 F5 8E A7 47 D4 10 E2 D4 D7 5B C4 74 0B 4B E2 Cipher: 0x05

You can try this call as mentioned in the following docs using IPP provided .net devkit.

https://developer.intuit.com/docs/0025_quickbooksapi/0055_devkits/0150_ipp_.net_devkit_3.0/0002_synchronous_calls/0001_data_service_apis

401 clearly signifies that your OAuth tokens/request header is not correct. To debug this, you can use any standard RestClients ( like RestClient plugins of Mozilla browser or Fiddler) where you can set four OAuth tokens [ consumer key, consumer Secret, access Key and access token) and content-type [application/xml]

• URI: https://quickbooks.api.intuit.com/v3/company//customer
• Method: POST
• Content-Type: application/xml

Mozilla RestClient -

Set OAuth Tokens

Set Content-type ( in header )

https://developer.intuit.com/docs/0025_quickbooksapi/0050_data_services/030_entity_services_reference/customer

If the above approach works, that means your OAuth tokens are fine. You need to check and properly construct the header using devdefined then.

If it doesn't work then you need to generate a new set of access Token and Secret using IPP OAuth Playground.

https://appcenter.intuit.com/Playground/OAuth

Thanks