Allow Invoice only users to use the API
As seen at this link: https://developer.xero.com/faq/permissions#user-permissions, currently only standard users can use the API. This makes no sense for my use case, and it is probably the same for other people.
Right now I'm trying to build an app that will automatically create invoices and email them to the contacts. However, I do not want to connect a standard full user to my application, as the returned access token will have full access to all my banking account statements, whereas all I need is to create a Sales Invoice, which could be done with a "Sales Invoice only" user that does not have unrestricted access to all my data.
-
Thomas King commented
This update would really improve flexibility for users who rely solely on invoices. It might also be helpful to review resources like https://willcountycourts.org to understand potential compliance or data access considerations. Allowing invoice-only users could streamline operations, but ensuring proper access controls and documentation is crucial for maintaining security and accountability. Overall, this seems like a practical improvement for certain user workflows.
-
Young Phillips commented
That’s a great suggestion — allowing invoice-only users to access the API would really improve workflow flexibility for many teams managing billing and automation. I recently came across some helpful insights while researching https://casscountycourt.org that highlighted how streamlined data access can simplify administrative processes. It’s always beneficial when systems prioritize user efficiency and transparency like this.
-
Anna Maria commented
That’s a really valid concern and something many developers working on targeted automation features are likely to face. For projects focused solely on invoicing, it would be ideal to have limited-scope API users. If you're navigating similar permission complexities or building tools that interact with public records or legal data, resources like this one on Court document access (https://tulsacountycourt.us/) can be helpful in structuring how data access and user roles should be managed in civic or legal tech tools. Limiting access based on function improves security without restricting productivity.
-
Felix commented
I think this suggestion (OAuth authorisation for users with lower access levels) would be an alternative way to address some of the problems I've mentioned in my suggestion over here: https://xero.uservoice.com/forums/5528-accounting-api/suggestions/43916568-create-more-granular-accounting-scopes-eg-sales
However, being able to select specific scopes more granularly would potentially be a more flexible approach - you wouldn't mind connecting a Standard user if it's very clear that the access will be to Sales Invoices only.
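As an added illustration of the least-privilege point raised in the original request and in Felix's scope-based alternative (example code added here, not Xero's SDK or any poster's code): the consent URL is built from an explicit minimal scope set, and the scopes actually granted in the token response are compared against that set so an over-broad connection is detected before the token is stored. It assumes Xero's documented OAuth 2.0 authorize endpoint and the scope names `accounting.transactions` and `accounting.contacts`, and that the token response carries the granted scopes in a space-separated `scope` field; the client id, redirect URI and token values are placeholders.

```python
from __future__ import annotations

import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Xero's OAuth 2.0 consent endpoint (from Xero's public OAuth 2.0 documentation).
AUTHORIZE_URL = "https://login.xero.com/identity/connect/authorize"

# Smallest scope set assumed to cover "create a sales invoice and email it to a contact":
# invoices fall under accounting.transactions, recipients under accounting.contacts.
# openid/offline_access give the identity token and a refresh token; nothing else is asked for.
INVOICING_SCOPES = {"openid", "offline_access", "accounting.transactions", "accounting.contacts"}


def build_authorize_url(client_id: str, redirect_uri: str, scopes: set[str], state: str | None = None) -> str:
    """Build the consent URL so the connecting user sees exactly which scopes the app asks for."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(sorted(scopes)),
        # Anti-CSRF value checked on the callback; a caller may pass a fixed one for testing.
        "state": state or secrets.token_urlsafe(16),
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def requested_scopes(url: str) -> set[str]:
    """Read the scope set back out of a consent URL (audit of what was actually requested)."""
    query = parse_qs(urlparse(url).query)
    return set(query.get("scope", [""])[0].split())


def excess_scopes(token_response: dict, allowed: set[str]) -> set[str]:
    """Scopes granted in the token response that the invoicing integration never needed.

    Assumes the response echoes granted scopes as a space-separated 'scope' string.
    A non-empty result means the connection is broader than the task requires and the
    token should be discarded rather than stored.
    """
    granted = set(token_response.get("scope", "").split())
    return granted - allowed


if __name__ == "__main__":
    # Constructed token response standing in for a real callback result (placeholder values).
    sample_token = {"access_token": "<placeholder>",
                    "scope": "openid offline_access accounting.transactions accounting.contacts accounting.settings"}
    print(build_authorize_url("CLIENT_ID_PLACEHOLDER", "https://example.invalid/callback", INVOICING_SCOPES))
    print("over-broad scopes:", excess_scopes(sample_token, INVOICING_SCOPES))  # {'accounting.settings'}
```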