Skip to content

Accounting API

Welcome to our official feedback forum for the Xero Developer API.

The Xero Community site is the best place to submit feedback for improving Xero Business

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

9 results found

  1. Support Oauth2 'Client Credentials Flow' for server apps.

    Major drawback of Xero Oauth2 is that the 'Client Credentials Flow' is not supported. This makes it impossible to implement server-side applications to interact with Xero because there is no user interaction at all. Lot of people have been complaining about this, and it's shocking that it is still not supported in May 2021!

    3 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Allow user to connect to multiple organizations at once so we can query across multiple organizations.

    Allow users to connect to multiple ornganizations at once so we can query across multiple organizations with one query.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    completed  ·  Public API PM responded

    Bulk Connections has now been released to allow users to connect multiple organisations in one authorisation flow. It is available to all certified apps. See the App partner features page for more info

  3. Provide an API to revoke the Add-on Authentication

    It would be good to be able to permanently remove the add-on authentication access from the Xero ledger to clean things up when a user deletes an account.

    43 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Support TLS 1.2 on API connections

    Xero has a good SSL configuration on the main app (A+ on SSL labs) but the api endpoint running older and weaker encyrption.

    It appears to have some kind of TLS 1.2 support enabled but it drops after the initial hand shake which means that TLS 1.2 needs to be excluded as an option when negotitaing connections. Annoying having to set this up only for Xero.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Come up to date with a more modern Authorisation Mechanism rather than using OAuth1.0a

    oAuth1.0a was developed in 2009 and is so complicated it just doesn't make it a viable option to maximise the Xero API with any simplicity. Most organisations have at least moved to oAuth2.0.

    How about it Xero, what's the chance of moving with the times?

    15 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    completed  ·  0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. API improvements for mobile devices

    At the moment, the Xero API authentication model does not support authentication and connection via mobile devices in a practical way - the only option is the public application type giving 30mins of access.

    While changes are not currently planned, please add your vote and use case here if you would like to be able to connect directly to the Xero API from a mobile application.

    8 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Expose which user connected the organization via OAuth

    Currently, we have no idea which user connected via OAuth. In other platforms (QB for once), you get details (especially email) of the user, and can design behavior based on it. In Xero, we get all the data on the users (with the new email address field), but we don't which user connected. If this will be exposed, it will give the developers more tools to create a more specific experience for the users

    236 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Single Sign on provider

    Allow users to sign into 3rd party applications using Xero as a single sign on provider (probably through OpenID).

    97 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. include an Id unique to the oAuth'enticated user

    That will allow consumer apps to differentiate services based on the authenticated user (e.g. ACLs with app specific permissions).

    5 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base