QuickBooks "Connect to Intuit" Button Keeps Control in Pop-Up Window
Developers implementing the Intuit connect button find the OAuth flow stays inside the pop-up instead of returning control to the parent page — by design.
QuickBooks developers integrating the “Connect to Intuit” button into a web application have reported confusion when the OAuth connection flow appears to strand the user inside a pop-up window rather than handing control back to the parent page. The behavior, it turns out, is not a bug but an intentional design choice in how Intuit’s authentication process works.
What Users Encounter
Developers following Intuit’s documented setup for the connect-to-Intuit button report that everything functions correctly up through the final step of the OAuth handshake. The button renders, the pop-up opens, the user authenticates, and the authorization process completes successfully. But where developers expect the parent page to regain focus automatically, the pop-up instead remains open and active — leaving the impression that something in the integration is broken.
The setup typically involves placing the Intuit-provided JavaScript library on a page, configuring it with a menu proxy endpoint and a grant URL on the developer’s own server, and embedding the connect button markup in the page body. Developers report using essentially the standard boilerplate, changing only the server name — yet the pop-up persists.
Why the Pop-Up Stays Open
According to the accepted answer in the developer community, the pop-up behavior is fundamental to how the Intuit Anywhere OAuth process was built. The authentication flow is specifically designed to open in a separate pop-up window rather than redirecting within the same browser tab. That pop-up carries the user through the entire OAuth connection sequence — sign-in, authorization, and confirmation — and at the end forwards the user back toward the developer’s application.
The key point developers tend to miss is that closing the pop-up and refreshing the parent page is not something Intuit’s button handles entirely on its own. Once the OAuth process completes and the pop-up arrives back at the application, the application itself is responsible for closing the pop-up window and triggering a refresh of the underlying parent page.
What the Parent Page Refresh Accomplishes
Refreshing the parent page after the pop-up closes serves a specific purpose beyond simple cleanup. Once the OAuth connection is established, the parent page needs to reload so it can detect the authenticated state and display the Intuit blue dot menu — the visual indicator that confirms the user is now connected to their QuickBooks company data. Without that refresh, the parent page has no way of knowing the connection was completed, and the blue dot menu will not appear.
So the expected flow is: the user clicks the connect button, the pop-up opens for authentication, the OAuth process runs to completion, the pop-up returns to the application’s grant URL, the application closes the pop-up programmatically, and the parent page refreshes to reflect the now-authenticated session.
The Takeaway
Developers running into this should understand that seeing the pop-up remain open after authentication is not a sign of a misconfigured proxy, a bad grant URL, or a broken JavaScript include. The pop-up is the intended vehicle for the entire OAuth exchange. The work that remains — closing that pop-up and refreshing the parent page — falls to the application receiving the OAuth callback, not to Intuit’s button widget itself.