We have chosen a slightly different path for exposing the payments API to FileMaker. The main reason is we want to avoid having to deal with PCI compliance in any way. Read more about our approach to PCI Compliance here.
The net effect of our approach is to not provide a straight proxy through to Intuit's servers for payments, but to expose only functionality we are sure doesn't impact PCI Compliance. Intuit's API allows you to use Credit Card or Bank Info directly in all the requests that can result in a charge on a card or a debit of a bank account. We do not. We only allow using a token.
This is handled exactly the same as with the accounting API. Use your API Key as the user name with HTTP Basic Authentication.
Two Step Process
Whether you are charge a card or debiting a bank account, you follow the same process.