authentication
Hi,
My name is Siddharth, while I am exploring XERO for integrating with java based application, i see a challenge always to send the clientid and client secret in standard flow of authentication , this I see is a must have neccessity to get access and refresh token in callback, my feedback would that when we do an OAuth based integration , can we just use the code and state to get the access token and refresh token , getting the clientid from front end everytime will always be a challenge .
We are not a general support forum, review the authentication documentation at https://developer.xero.com/documentation/guides/oauth2/auth-flow or get in touch with the team at api@xero.com if you're still having trouble.