[bslorence]

I can't be the only person who uses the Quickbooks Online API for private, non-interactive integrations between internal systems. This new process – a 40-minute legal/security questionnaire that includes questions like "how do you mitigate against CSRF?" – is preposterously draconian for our use case.

Compare with the process for getting a Stripe API key: Step 1 - Point. Step 2 - Click.

Sigh. I've been wondering for a while at what point our business would outgrow QB Online. Maybe this is the answer.