How to add QuickBooks Online MCP Server to Cursor
Intuit's official local MCP server exposing QuickBooks Online accounting data as callable tools. Paste the config into ~/.cursor/mcp.json and restart Cursor.
Last updated June 15, 2026 · 280★ · stdio · oauth · official
Cursor config for QuickBooks Online MCP Server
git clone https://github.com/intuit/quickbooks-online-mcp-server && npm install && npm run build && node dist/index.js{
"mcpServers": {
"quickbooks-online-mcp-server": {
"command": "node",
"args": [
"/absolute/path/to/quickbooks-online-mcp-server/dist/index.js"
],
"env": {
"QUICKBOOKS_REALM_ID": "<your-qbo-realm-id>",
"QUICKBOOKS_CLIENT_ID": "<your-qbo-client-id>",
"QUICKBOOKS_ENVIRONMENT": "sandbox",
"QUICKBOOKS_CLIENT_SECRET": "<your-qbo-client-secret>",
"QUICKBOOKS_REFRESH_TOKEN": "<your-qbo-refresh-token>"
}
}
}
}Setup steps
- 1Open Cursor → Settings → MCP → Add new MCP server (or edit ~/.cursor/mcp.json directly).
- 2Paste the QuickBooks Online MCP Server config below into the "mcpServers" object.
- 3Fill in placeholder secrets, then save.
- 4Cursor reloads MCP servers automatically — check Settings → MCP for a green status dot.
- 5Ask Cursor to use one of QuickBooks Online MCP Server's tools to confirm it's connected.
Before you start
- Node.js 18 or higher
- A QuickBooks (Intuit) Developer account and an app created in the Intuit Developer Portal
- OAuth 2.0 credentials from the app's Keys & Credentials page: Client ID and Client Secret
- A Realm ID (QuickBooks company ID) and a refresh token obtained via the included OAuth handshake
- An MCP-compatible client such as Claude Desktop
What QuickBooks Online MCP Server can do in Cursor
get_* / search_* (read)Read and query tools for ~29 entity types including customers, invoices, bills, vendors, accounts, items, and journal entries.
create_* (write)Create entities such as customers, invoices, bills, vendors, and payments; can be disabled via QUICKBOOKS_DISABLE_WRITE.
update_* (update)Update supported entities; can be disabled via QUICKBOOKS_DISABLE_UPDATE.
delete_* (delete)Delete supported entities; can be disabled via QUICKBOOKS_DISABLE_DELETE.
get_balance_sheetGenerates the Balance Sheet financial report.
get_profit_and_lossGenerates the Profit & Loss financial report.
get_cash_flowGenerates the Cash Flow statement.
get_trial_balanceGenerates the Trial Balance report.
Security
Connects to live accounting data via OAuth 2.0 refresh tokens; keep client secret and refresh token out of source control and start in the sandbox environment. Write operations can alter real ledgers, so use the write-disable flags or review tool permissions.
QuickBooks Online MCP Server + Cursor FAQ
Where is the Cursor config file?
Cursor reads MCP servers from ~/.cursor/mcp.json. Paste the QuickBooks Online MCP Server config there under the "mcpServers" key and restart the client.
Is QuickBooks Online MCP Server safe to use with Cursor?
Connects to live accounting data via OAuth 2.0 refresh tokens; keep client secret and refresh token out of source control and start in the sandbox environment. Write operations can alter real ledgers, so use the write-disable flags or review tool permissions.
Does it support production QuickBooks or only the Sandbox?
As an early-preview release the local server is intended to run against the QuickBooks Sandbox environment. You select the environment in your `.env`, but production support is limited during preview.
How does authentication work?
It uses OAuth 2.0. You create an app in the Intuit Developer Portal, then run `npm run auth` for a browser sign-in that returns a refresh token used together with your Client ID, Client Secret, and Realm ID.
Can I prevent it from modifying my books?
Yes. Set QUICKBOOKS_DISABLE_WRITE, QUICKBOOKS_DISABLE_UPDATE, and QUICKBOOKS_DISABLE_DELETE to disable the create/update/delete tool categories, leaving only read access.