Summary
Gives you read and write access to QuickBooks Online's accounting data through the MCP protocol. You can create and query invoices, manage bills, work with customers and vendors, handle employee records, and interact with the chart of accounts. Part of Mindstone's 35-connector monorepo, which means it ships with the same host-orchestrated OAuth patterns and security hardening (pinned dependencies, OIDC provenance, seven-day release cool-down) as their Google Workspace and HubSpot servers. Look for the QB_ALLOW_PROD_WRITES environment flag if you need mutation permissions outside sandbox mode. Reach for this when you're building accounting workflows or need an LLM to pull financial data without opening the QuickBooks UI.
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →
Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →
Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →
On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →
Tools
Public tool metadata for what this MCP can expose to an agent.
18 tools
QUICKBOOKS_CREATE_ACCOUNTCreate a new account in QuickBooks with the given parameters.4 params
Create a new account in QuickBooks with the given parameters.
Parameters* required
namestringUser recognizable name for the Account. Account.Name attribute must not contain double quotes (") or colon (:).
account_typestringType of the account to be createdone of
Bank · Other Current Asset · Fixed Asset · Other Asset · Accounts Receivable · Equityaccount_numberstringUser-defined account number to help the user in identifying the account within the chart-of-accounts and in deciding what should be posted to the account. must not contain colon (:). For France locales:
account_sub_typestringSub-type of the account. Must use exact enum values (no spaces/slashes). Examples: 'AdvertisingPromotional' (NOT 'Advertising/Promotional'), 'Checking', 'Inventory', 'OtherCurrentAssets', 'Vehicles', 'RetainedEarnings', 'Insurance', 'InterestEarned'. See QuickBooks API docs for complete list.one of
CashOnHand · Checking · MoneyMarket · RentsHeldInTrust · Savings · TrustAccountsQUICKBOOKS_CREATE_CUSTOMERCreate a new customer in QuickBooks with the given parameters.6 params
Create a new customer in QuickBooks with the given parameters.
Parameters* required
titlestringTitle of the person (max 16 characters - keep it short like 'Mr.', 'Dr.', 'CEO'). This tag supports i18n, all locales. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, Suffix, or FullyQualifiedName attributes are required during create.
suffixstringSuffix of the name. For example, Jr. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
given_namestringGiven name or first name of a person. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
family_namestringFamily name or the last name of the person. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
middle_namestringMiddle name of the person. The person can have zero or more middle names. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
display_namestringThe name as displayed. Must be unique across all Customer, Vendor, and Employee objects. Cannot be removed with sparse update. If not supplied, the system generates DisplayName by concatenating customer name components supplied in the request from the following list: Title, GivenName, MiddleName, FamilyName, and Suffix.
QUICKBOOKS_CREATE_EMPLOYEECreate a new employee in QuickBooks.3 params
Create a new employee in QuickBooks.
Parameters* required
given_namestringGiven name or Family name of a person. At least one of `given_name` or `family_name` attributes is required.
family_namestringFamily name or the last name of the person. At least one of `given_name` or `family_name` attributes is required.
primary_addrobjectRepresents the physical street address for this employee. If QuickBooks Payroll is enabled for the company, the following PhysicalAddress fields are required: City, CountrySubDivisionCode, PostalCode.
QUICKBOOKS_CREATE_INVOICETool to create a new invoice in QuickBooks. Use after confirming customer and item details.3 params
Tool to create a new invoice in QuickBooks. Use after confirming customer and item details.
Parameters* required
linesarrayList of invoice line item objects. Each item must include at least: 'DetailType', 'Amount', and 'SalesItemLineDetail' with an 'ItemRef.value'.
customer_idstringID of the customer to invoice (CustomerRef.value)
minorversionintegerOptional minorversion query parameter to control API behavior
QUICKBOOKS_CREATE_VENDORCreate a new vendor in QuickBooks with the given details.6 params
Create a new vendor in QuickBooks with the given details.
Parameters* required
titlestringTitle of the person (max 16 characters - keep it short like 'Mr.', 'Dr.', 'CEO'). This tag supports i18n, all locales. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, Suffix, or FullyQualifiedName attributes are required during create.
suffixstringSuffix of the name. For example, Jr. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
given_namestringGiven name or first name of a person. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
family_namestringFamily name or the last name of the person. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
middle_namestringMiddle name of the person. The person can have zero or more middle names. The DisplayName attribute or at least one of Title, GivenName, MiddleName, FamilyName, or Suffix attributes is required for object create.
display_namestringThe name as displayed. Must be unique across all Customer, Vendor, and Employee objects. Cannot be removed with sparse update. If not supplied, the system generates DisplayName by concatenating customer name components supplied in the request from the following list: Title, GivenName, MiddleName, FamilyName, and Suffix.
QUICKBOOKS_CUSTOMER_BALANCE_DETAILGenerate a balance detail report for a customer in QuickBooks with the given customer ID.13 params
Generate a balance detail report for a customer in QuickBooks with the given customer ID.
Parameters* required
arpaidstringStatus of the balance.one of
All · Paid · UnpaidcolumnsstringColumn types to be shown in the report. Supported Values: bill_addr, create_by, create_date, cust_bill_email, cust_comp_name, cust_msg, cust_phone_other, cust_tel, cust_name, deliv_addr, doc_num*, due_date*, last_mod_by, last_mod_date, memo*, sale_sent_state, ship_addr, ship_date, ship_via, term_name, tracking_num, tx_date*, txn_type*. Additional columns with custom fields enabled: sales_cust1, sales_cust2, sales_cust3. Additional columns with location tracking enabled: dept_name*
custom1stringFilter by the specified custom field as defined by the CustomField attribute in transaction entities where supported. Supported Values: Name of custom field.
shipviastringFilter by the shipping method as stored in Invoice.ShipMethodRef.Name.
sort_bystringThe column type used in sorting report rows. Specify a column type as defined with the columns query parameter.
term_idsarrayOne or more comma separated term IDs. Filters report contents based on term or terms supplied.
sort_orderstringThe sort order.one of
ascend · descendend_duedatestringThe range of dates over which receivables are due, in the format YYYY-MM-DD. start_duedate must be less than end_duedate. If not specified, all data is returned.
report_datestringStart date to use for the report, in the format YYYY-MM-DD.
aging_methodstringThe date upon which aging is determined.one of
Report_Date · Currentcustomer_idsarrayOne or more comma separated customer IDs. Filters report contents to include information for specified customers.
start_duedatestringThe range of dates over which receivables are due, in the format YYYY-MM-DD. start_duedate must be less than end_duedate. If not specified, all data is returned.
department_idsarrayOne or more comma separated department IDs. Filters report contents to include information for specified departments if so configured in the company file.
QUICKBOOKS_CUSTOMER_BALANCE_REPORTGenerate a balance report for a customer in QuickBooks with the given customer ID.8 params
Generate a balance report for a customer in QuickBooks with the given customer ID.
Parameters* required
arpaidstringSupported Values: All, Paid, Unpaidone of
All · Paid · Unpaiddate_macrostringPredefined date range. Use if you want the report to cover a standard report date range; otherwise, use the start_date and end_date to cover an explicit report date range.one of
Today · Yesterday · This Week · Last Week · This Week-to-date · Last Week-to-datesort_orderstringThe sort order.one of
ascend · descendreport_datestringStart date to use for the report, in the format YYYY-MM-DD.
customer_idsarrayFilters report contents to include information for specified customers. Supported Values: One or more comma separated customer IDs as returned in the attribute, Customer.Id, of the Customer object response code.
department_idsarrayOne or more comma separated department IDs. Filters report contents to include information for specified departments if so configured in the company file.
accounting_methodstringThe accounting method used in the report. one of
Cash · Accrualsummarize_column_bystringThe criteria by which to group the report results.one of
Total · Month · Week · Days · Quarter · YearQUICKBOOKS_LIST_INVOICESTool to list invoices via QuickBooks Query endpoint. Use when retrieving invoices with optional pagination and custom fields.3 params
Tool to list invoices via QuickBooks Query endpoint. Use when retrieving invoices with optional pagination and custom fields.
Parameters* required
fieldsarrayList of fields to select in the query. Defaults to ['Id','SyncToken','DocNumber','TotalAmt','Balance','TxnDate'].
max_resultsintegerMaximum number of records to return; default 50, max 1000.default: 50
start_positionintegerStarting position for pagination within the result set. Default is 1.default: 1
QUICKBOOKS_QUERY_ACCOUNTQuery an account in QuickBooks with the given parameters.1 params
Query an account in QuickBooks with the given parameters.
Parameters* required
querystringQuery to be executed
QUICKBOOKS_READ_ACCOUNTRead an account in QuickBooks with the given account ID.1 params
Read an account in QuickBooks with the given account ID.
Parameters* required
account_idstringID of the account to be read
QUICKBOOKS_READ_CUSTOMERRead a customer in QuickBooks with the given customer ID.1 params
Read a customer in QuickBooks with the given customer ID.
Parameters* required
customer_idstringID of the customer to be read
QUICKBOOKS_READ_EMPLOYEERead an employee's details in QuickBooks with the given employee ID.1 params
Read an employee's details in QuickBooks with the given employee ID.
Parameters* required
employee_idstringThe ID of the employee to be read.
QUICKBOOKS_READ_INVOICETool to fetch a QuickBooks invoice by ID or the most recent if no ID provided. Use when needing full invoice details including metadata and sync token.2 params
Tool to fetch a QuickBooks invoice by ID or the most recent if no ID provided. Use when needing full invoice details including metadata and sync token.
Parameters* required
invoice_idstringID of the invoice to read; if not provided, fetches the latest invoice
minorversionintegerAPI minor version to use for the request
QUICKBOOKS_READ_VENDORRead a vendor in QuickBooks with the given vendor ID.1 params
Read a vendor in QuickBooks with the given vendor ID.
Parameters* required
vendor_idstringID of the vendor to be read
QUICKBOOKS_UPDATE_FULL_INVOICETool to fully replace an Invoice. Use when you need to update all aspects of an existing invoice in a single operation.3 params
Tool to fully replace an Invoice. Use when you need to update all aspects of an existing invoice in a single operation.
Parameters* required
invoiceobjectFull Invoice JSON payload to update; must include Id and SyncToken. Any writable field omitted will be cleared. Do not set sparse=true.
requestidstringOptional idempotency key (<=50 chars) to prevent duplicate writes on retries.
minorversionintegerOptional QuickBooks API minorversion to access newer fields (e.g., 63).
QUICKBOOKS_UPDATE_SPARSE_INVOICETool to perform a sparse update of an existing invoice. Use when you need to update only specific invoice fields without overwriting other data.1 params
Tool to perform a sparse update of an existing invoice. Use when you need to update only specific invoice fields without overwriting other data.
Parameters* required
invoiceobjectInvoice object containing Id, SyncToken, sparse flag, and fields to update
QUICKBOOKS_VENDOR_BALANCE_DETAILGenerate a balance detail report for a vendor in QuickBooks with the given vendor ID.12 params
Generate a balance detail report for a vendor in QuickBooks with the given vendor ID.
Parameters* required
appaidstringStatus of the balance.one of
All · Paid · Unpaidsort_bystringThe column type used in sorting report rows. Specify a column type as defined with the columns query parameter.
term_idsarrayOne or more comma separated term IDs. Filters report contents based on term or terms supplied.
date_macrostringPredefined date range. Use if you want the report to cover a standard report date range; otherwise, use the start_date and end_date to cover an explicit report date range.one of
Today · Yesterday · This Week · Last Week · This Week-to-date · Last Week-to-datesort_orderstringThe sort order.one of
ascend · descendvendor_idsarrayOne or more comma separated vendor IDs. Filters report contents to include information for specified vendors.
end_duedatestringThe range of dates over which receivables are due, in the format YYYY-MM-DD. start_duedate must be less than end_duedate. If not specified, all data is returned.
report_datestringStart date to use for the report, in the format YYYY-MM-DD.
duedate_macrostringPredefined date range of due dates for balances to include in the report; otherwise, use the start_duedate and end_duedate to cover an explicit report date range. one of
Today · Yesterday · This Week · Last Week · This Week-to-date · Last Week-to-datestart_duedatestringThe range of dates over which receivables are due, in the format YYYY-MM-DD. start_duedate must be less than end_duedate. If not specified, all data is returned.
department_idsarrayOne or more comma separated department IDs. Filters report contents to include information for specified departments if so configured in the company file.
accounting_methodstringThe accounting method used in the report.one of
Cash · AccrualQUICKBOOKS_VENDOR_BALANCE_REPORTGet the balance report of a vendor in QuickBooks with the given vendor ID.9 params
Get the balance report of a vendor in QuickBooks with the given vendor ID.
Parameters* required
qzurlstringSpecifies whether Quick Zoom URL information should be generated for rows in the report.
appaidstringStatus of the balance.one of
All · Paid · Unpaiddate_macrostringPredefined date range. Use if you want the report to cover a standard report date range; otherwise, use the start_date and end_date to cover an explicit report date range.one of
Today · Yesterday · This Week · Last Week · This Week-to-date · Last Week-to-datesort_orderstringThe sort order.one of
ascend · descendvendor_idsarrayFilters report contents to include information for specified vendors. Supported Values: One or more comma separated vendor IDs as returned in the attribute, Vendor.Id, of the Vendor object response code.
report_datestringStart date to use for the report, in the format YYYY-MM-DD.
department_idsarrayOne or more comma separated department IDs. Filters report contents to include information for specified departments if so configured in the company file.
accounting_methodstringThe accounting method used in the report. one of
Cash · Accrualsummarize_column_bystringThe criteria by which to group the report results.one of
Total · Month · Week · Days · Quarter · Year
mcp-servers
Source-available MCP servers by Mindstone. Works with any MCP host — Claude Desktop, Cursor, Rebel, and others.
Browse all 35 connectors with their version, auth model, and tool count at the catalogue site (regenerated from each connector's STATUS.json on every push).
Connectors
| Connector | Description |
|---|---|
| apple-shortcuts | Run and list Apple Shortcuts on macOS via the shortcuts CLI |
| browser-automation | Headless browser control via accessibility snapshots — navigate, fill forms, click, and screenshot pages via the agent-browser CLI |
| elevenlabs | Generate speech, music, and sound effects, browse voices, and transcribe audio via the ElevenLabs API |
| email-imap | Read, search, send, and manage emails through IMAP and SMTP |
| fathom | List and search meetings, view details, read transcripts, and manage teams via Fathom AI |
| freshdesk | Manage helpdesk tickets, search support requests, reply to customers, and add internal notes |
| gamma | Create AI-powered presentations, documents, webpages, and social posts via Gamma |
| google-analytics | Discover GA4 accounts and properties, explore the live schema, and run reports via the Google Analytics API |
| google-workspace | Read, search, and send across Gmail, Calendar, Drive, Docs, Sheets, Slides, Contacts, and Comments with host-orchestrated OAuth and per-account on-disk credentials |
| hubspot | Manage HubSpot CRM — contacts, companies, deals, tickets, leads, tasks, notes, properties, lists, workflows, knowledge base, and files — with multi-account, host-orchestrated OAuth |
| humaans | Query employee profiles, job roles, time-away requests, and company info via Humaans HR |
| kling | Generate AI videos from text descriptions or images via Kling AI |
| microsoft-calendar | List, create, update, and respond to Outlook calendar events, check free/busy, and list calendars; reuses the cohort's host-orchestrated Microsoft 365 OAuth surface |
| microsoft-files | List, search, upload, download, share, and read OneDrive files via Microsoft Graph; reuses the cohort's host-orchestrated Microsoft 365 OAuth surface |
| microsoft-mail | List, search, read, send, reply, forward, draft, move, and delete Outlook email; owns the cohort's host-orchestrated Microsoft 365 OAuth surface |
| microsoft-sharepoint | Discover sites, browse libraries, read pages and lists, search content, and mutate SharePoint files/lists with incremental Sites.Read.All consent |
| microsoft-teams | List and read Teams chats, send chat messages, list teams and channels, and read presence; reuses the cohort's host-orchestrated Microsoft 365 OAuth surface |
| mixmax | Manage sequences, send tracked emails, use templates, and monitor engagement via Mixmax |
| nano-banana | Generate and edit images using Google Gemini's AI capabilities |
| napkin | Generate professional visuals — diagrams, infographics, and illustrations — from text via Napkin AI |
| office | Read and edit Word documents, Excel workbooks, and PowerPoint presentations from desktop Microsoft 365 via an Office Add-in sidecar |
| openai-image | Generate and edit images via OpenAI's gpt-image-2 — sharp text rendering, multilingual support, and four quality levels |
| outreach | Manage prospects, sequences, accounts, tasks, and mailings via the Outreach sales engagement API |
| pandadoc | Create, send, and manage documents, templates, and e-signatures via PandaDoc |
| quickbooks | Manage invoices, bills, customers, vendors, employees, and accounts in QuickBooks Online |
| replit-ssh | Read, write, list, and check files on Replit projects over SSH/SFTP, with one-shot SSH key + config setup on the operator's machine |
| retell-ai | Place voice-agent phone calls, manage agents and LLM prompts, and discover voices via the Retell AI API |
| runway | Generate AI video, images, audio, speech, and sound effects via Runway ML |
| salesforce | Manage accounts, contacts, opportunities, leads, tasks, users, and custom objects via the Salesforce API |
| servicenow | Manage incidents, change requests, users, and knowledge base articles in ServiceNow |
| slack | Multi-workspace Slack — channels, messages, threads, reactions, users, files, bookmarks, and scheduled messages via the Slack Web API, with host-orchestrated OAuth |
| talentlms | Manage users, courses, groups, branches, enrolments, and assessments in TalentLMS |
| vanta | Read and manage compliance posture in Vanta — vulnerabilities, tests, controls, evidence, resources, people, vendors, documents, and compliance summary |
| workday | Query workers, profiles, and organizations in Workday HCM |
| zendesk | Manage tickets, macros, users, and views in Zendesk Support |
Quick Start
Each server builds independently:
cd connectors/<name>
npm install
npm run build
Or run directly via npx (once published):
npx -y @mindstone/mcp-server-zendesk
Moving from
@mindstone-engineering/? Every server has been republished under the shorter@mindstone/npm scope. The legacy@mindstone-engineering/mcp-server-*packages still install but are marked deprecated. See MIGRATION.md for the consumer one-liner and the deprecation timeline.
See each server's README for configuration and host setup instructions. Some connectors require additional environment variables to opt into specific behaviour (e.g. QB_ALLOW_PROD_WRITES for QuickBooks production writes, MCP_WORKSPACE_PATH for sandboxed file reads, BROWSER_AUTOMATION_ALLOW_EVAL for browser-automation script eval) — see the per-connector READMEs for the full list.
Security & Hardening
This monorepo follows a defence-in-depth posture for tool-call hosts. Highlights include:
- Workflow safety. GitHub Actions workflows are env-fy'd against script injection (CWE-94), every action is pinned to a commit SHA (kept current by Dependabot), and each job is granted a least-privilege
permissions:block. Publish is split into a build job (does the install/test/pack with no publish credentials) and a publish job (downloads the packed tarball, runs onlynpm publish --ignore-scripts --provenanceunder OIDC trusted publishing, gated by thenpm-publishenvironment). The publish job invokes NO third-party JS —tsc,vitest, lifecycle scripts, etc. all run upstream, away fromid-token: write. See docs/security/AUDIT_FOX-3319_tanstack_supply_chain.md for the supply-chain threat model and docs/security/BRANCH_PROTECTION.md for required GitHub settings. - Release-age cool-down. The repo-level
.npmrcsetsmin-release-age=7(days), so CI refuses to install dependency versions published in the last week. This blocks the "same-day malicious re-publish" path that ships post-npm audit-clean PRs into a release tag. - Provenance-attested releases. Releases are published by CI (
.github/workflows/release.yml) under the@mindstone/npm scope via Trusted Publishing OIDC — no long-lived npm token exists anywhere — with--provenanceSigstore attestations consumers can verify vianpm audit signatures. Every publishable release commit must carry aRelease-Gatetrailer pointing at its pre-release security review, and every publish posts an alert; the full gate chain is in docs/PUBLISH_APPROVAL_PROCESS.md. (Only a brand-new connector's first publish is manual and WebAuthn-gated; those tarballs carry no provenance attestation but remain shasum-verifiable — check out the release commit and runnpm pack; see MIGRATION.md.) - OpenSSF Scorecard. The repo runs the OpenSSF Scorecard weekly via
.github/workflows/scorecard.yml. The report is generated by a third party from the source tree, so every claim above (action pinning, branch protection, token usage, dependency hygiene) is independently checked rather than just asserted here. The current score is shown by the badge at the top of this README.
Recommendations for consumers
These connectors are published as plain npm packages. The strongest single thing you can do to protect yourself from a future supply-chain compromise of any npm package (these or otherwise) is to use a client that does not run lifecycle scripts by default:
- pnpm (
pnpm install/pnpm dlx) — does not executepostinstall/preparehooks unless explicitly allowlisted viaonlyBuiltDependencies. pnpm v11+ also defaults to a 24-hourminimumReleaseAgecool-down. - bun (
bunx) — same default, no lifecycle scripts unless allowlisted. - npm — if you must use npm, set
min-release-age=7andignore-scripts=truein your global~/.npmrc. Requires npm v11.10+ formin-release-age.
None of our published packages need postinstall to function, so disabling lifecycle scripts in your installer of choice is safe.
- Untrusted-content envelopes. External content from email, helpdesk, and ticketing systems (email-imap, freshdesk, zendesk) is wrapped in
<untrusted-content source="...">envelopes with close-tag breakout escaping, so an LLM host can recognise and refuse instruction-injection attempts. - Workspace sandboxing. File-uploading connectors (nano-banana, pandadoc, elevenlabs) constrain reads to
MCP_WORKSPACE_PATH(oros.tmpdir()) with canonical-prefix containment that handles symlinked roots like/tmp→/private/tmp. - Secure-by-default writes. Production-impacting writes (QuickBooks invoices/bills/customers/vendors) require an explicit
QB_ALLOW_PROD_WRITES=1opt-in env var; outreach prospect-enrolment and mixmax sequence-recipient tools carrydestructiveHint: trueso hosts surface confirmation prompts. - SSRF & path traversal. Download connectors (napkin, runway) enforce host allow-lists, manual-redirect handling, and symlink-safe write paths under a configurable root.
- Loopback OAuth bind. Connectors with local OAuth callback servers (salesforce, outreach) hard-code 127.0.0.1, ignoring any
MCP_OAUTH_BIND_HOSToverride. - E.164 validation. Outbound phone-call tools (retell-ai) reject non-E.164 numbers before any upstream API call.
For per-connector security notes, see each connector's README.
To report a vulnerability, please see SECURITY.md.
The Mindstone open-source family
This repo is one of several open-source projects from Mindstone:
- Rebel — the AI workspace desktop app that ships these connectors out of the box (source release in progress).
- Super-MCP — a proxy MCP router that loads only the tools you actually need, saving your context window.
- rebel-system — the public Rebel system: skills, prompts, operators, help docs, and templates.
- meeting-note-recorder — meeting detection, recording, and live transcripts (the Rebel note-taker).
Licence
Each connector is licensed under FSL-1.1-MIT — see the LICENSE file in each connector directory for details.
Featured
Keep your Mac awake while Claude Code and 40+ AI agents run. Sleeps when they're idle.
One time payment $9 →Integrate web data into your AI product. One API to scrape website & brand data.
Get API Key Now →Agent, run crypto. Access onchain data & trade routes via 1inch.
Install now →On Capafy, your Skill runs online 24/7 as an agent product, and you get paid every time someone uses it.
Start earning →Configuration
QUICKBOOKS_CLIENT_ID*Intuit Developer app client ID
QUICKBOOKS_CLIENT_SECRET*secretIntuit Developer app client secret
QUICKBOOKS_REFRESH_TOKEN*secretOAuth 2.0 refresh token
QUICKBOOKS_REALM_ID*QuickBooks company (realm) ID
QUICKBOOKS_ENVIRONMENTdefault: productionsandbox or production
QB_ALLOW_PROD_WRITESSet to exactly 1 to enable mutating tools (secure-by-default; required since 0.3.0)
Categories
Registryactive
Package@mindstone/mcp-server-quickbooks
TransportSTDIO
AuthRequired
UpdatedMay 21, 2026
