Skip to content

Accounting API

Welcome to our official feedback forum for the Xero Developer API.

The Xero product ideas site is the best place to submit feedback for improving Xero.


Accounting API

Categories

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

9 results found

  1. Right now there is a very wide range of APIs wrapped up in the "accounting.transactions" scope, with no way to provide more granular access within these APIs (https://developer.xero.com/documentation/guides/oauth2/scopes#organisation-scopes).

    This means that it's not possible to grant access to something quite narrow without also granting access to other things that are often not needed. For example, you cannot grant permission to creating/manipulating Sales Invoices without also giving access to all Bank Transactions at the same time.

    This problem is perhaps accentuated for Custom Connections, which are designed to be used for "in house" integrations, as ALL developers with access…

    165 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    Following up on this - we've shared the idea with the relevant team, and while we recognise that more granualr scopes could be beneficial for a number of reasons this has wide reaching impacts and unfortunately it's not something we're planning to move forward with right now. We truly appreciate your input, so we'll keep this idea open so others can still vote or add their thoughts, and if priorities shift down the track we may revisit the idea. Thanks again!

  2. When a user has access to multiple Xero accounts it would be great to know the Tenant ID of the account they linked in the auth response.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. We are operating with multiple companies within a single Xero account. It would be more secure if we could pre-select a company rather than leaving it to the user to select one after they have logged on.
    In PHP we call
    $XeroOAuth->request('GET', $XeroOAuth->url('RequestToken', ''), $params);

    i.e. Can we include the company in the $params?

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. As seen on this link: https://developer.xero.com/faq/permissions#user-permissions , currently only standard users can use the API, however, this makes no sense for my use case, and this is probably the same for other people.

    Right now I'm trying to build an app that will automatically create invoices and email them to the contacts, however, I do not want to connect a standard full user to my application, as the returned access token will have full access to all my banking account statements whereas all I need I to create a Sales Invoice, which could be done with a "Sales Invoice only"…

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Provide Service account for machine to machine authentication

    For process to run via machine to machine so user interaction is not required. Saving of token or refresh token is not required, prevent hacking due to unsecure tokens.

    Similar to Google using OAuth 2.0 for Server to Server Applications
    https://developers.google.com/identity/protocols/oauth2/service-account

    For WorkFlowMax and Xero APIs

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. I am an accountant, here is my suggestion i just create an app on xero and ask my clients to authenticate with the app. After authentication i need list of organisation of my client and basic organisation details .

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. This idea will take about 15 minutes to implement, so I hope it is looked at soon.

    When a non-Admin user attempts to connect a Partner App to Xero via the API, they are given an inaccurate message. The message reads

    "You don't have a Xero Organisation yet."

    This is inaccurate, as they often do have a Xero Organisation but are not an Admin. This leads to wasted time, support calls, irritated users, and unhappy partners.

    Please replace that above message with something like

    "You are not an Administrator of any Xero Organisations yet."

    https://breadwinner.com/wp-content/uploads/2017/12/Xero-inacurate-error-message.png

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. Services which are you guys are providing it's awesome , but the documentation which you have provided is not helpful at all . .. documentation should be user friendly and simple so that developers can easily integrate on their site .

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Our challenge is with our test and verification setup: we have 4 stages of pre-production environments and every environment runs CI (Jenkins) with full tests each night and relevant tests with each code push. With this setup it is very challenging to share and update shared refresh tokens.
    We would like long lived tokens (access and/or refresh) for testing purposes only.
    Other services we work with have been able to change settings on app/client id level.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?