Skip to content

Accounting API

Welcome to our official feedback forum for the Xero Developer API.

The Xero Community site is the best place to submit feedback for improving Xero Business

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

9 results found

  1. Create more granular accounting scopes (eg: Sales - Invoice only)

    Right now there is a very wide range of APIs wrapped up in the "accounting.transactions" scope, with no way to provide more granular access within these APIs (https://developer.xero.com/documentation/guides/oauth2/scopes#organisation-scopes).

    This means that it's not possible to grant access to something quite narrow without also granting access to other things that are often not needed. For example, you cannot grant permission to creating/manipulating Sales Invoices without also giving access to all Bank Transactions at the same time.

    This problem is perhaps accentuated for Custom Connections, which are designed to be used for "in house" integrations, as ALL developers with access…

    160 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. Return linked Tenant ID in the auth response

    When a user has access to multiple Xero accounts it would be great to know the Tenant ID of the account they linked in the auth response.

    20 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. Be able to specify the company required at login

    We are operating with multiple companies within a single Xero account. It would be more secure if we could pre-select a company rather than leaving it to the user to select one after they have logged on.
    In PHP we call
    $XeroOAuth->request('GET', $XeroOAuth->url('RequestToken', ''), $params);

    i.e. Can we include the company in the $params?

    10 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. Allow Invoice only users to use the API

    As seen on this link: https://developer.xero.com/faq/permissions#user-permissions , currently only standard users can use the API, however, this makes no sense for my use case, and this is probably the same for other people.

    Right now I'm trying to build an app that will automatically create invoices and email them to the contacts, however, I do not want to connect a standard full user to my application, as the returned access token will have full access to all my banking account statements whereas all I need I to create a Sales Invoice, which could be done with a "Sales Invoice only"…

    9 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. Provide Service account for machine to machine authentication

    Provide Service account for machine to machine authentication

    For process to run via machine to machine so user interaction is not required. Saving of token or refresh token is not required, prevent hacking due to unsecure tokens.

    Similar to Google using OAuth 2.0 for Server to Server Applications
    https://developers.google.com/identity/protocols/oauth2/service-account

    For WorkFlowMax and Xero APIs

    7 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. List all organisations of users after authenticated with a xero app

    I am an accountant, here is my suggestion i just create an app on xero and ask my clients to authenticate with the app. After authentication i need list of organisation of my client and basic organisation details .

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. Replace / Fix inaccurate text when non-Admin user attempts to connect via API

    This idea will take about 15 minutes to implement, so I hope it is looked at soon.

    When a non-Admin user attempts to connect a Partner App to Xero via the API, they are given an inaccurate message. The message reads

    "You don't have a Xero Organisation yet."

    This is inaccurate, as they often do have a Xero Organisation but are not an Admin. This leads to wasted time, support calls, irritated users, and unhappy partners.

    Please replace that above message with something like

    "You are not an Administrator of any Xero Organisations yet."

    https://breadwinner.com/wp-content/uploads/2017/12/Xero-inacurate-error-message.png

    2 votes
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. SUGGESTION

    Services which are you guys are providing it's awesome , but the documentation which you have provided is not helpful at all . .. documentation should be user friendly and simple so that developers can easily integrate on their site .

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. Long lived tokens for testing purposes

    Our challenge is with our test and verification setup: we have 4 stages of pre-production environments and every environment runs CI (Jenkins) with full tests each night and relevant tests with each code push. With this setup it is very challenging to share and update shared refresh tokens.
    We would like long lived tokens (access and/or refresh) for testing purposes only.
    Other services we work with have been able to change settings on app/client id level.

    1 vote
    Vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Authentication  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?

Feedback and Knowledge Base