Currently, we have no idea which user connected via OAuth. In other platforms (QB for once), you get details (especially email) of the user, and can design behavior based on it. In Xero, we get all the data on the users (with the new email address field), but we don't which user connected. If this will be exposed, it will give the developers more tools to create a more specific experience for the users236 votes
Our new OAuth2.0 authorisation will include an OpenID Connect identity layer that will allow apps to retrieve the connecting user’s details.
It’s a big project and still probably a few months away from general release but we’ll update this post with more details as we have them.
Allow users to sign into 3rd party applications using Xero as a single sign on provider (probably through OpenID).97 votes
Good news, the new OAuth2.0 authorisation we’re working on will include an OpenID Connect identity layer that will enable single sign on.
It’s a big project and probably still a few months away from general release but it is coming.
Thanks for your patience.
It would be good to be able to permanently remove the add-on authentication access from the Xero ledger to clean things up when a user deletes an account.27 votes
oAuth1.0a was developed in 2009 and is so complicated it just doesn't make it a viable option to maximise the Xero API with any simplicity. Most organisations have at least moved to oAuth2.0.
How about it Xero, what's the chance of moving with the times?15 votes
Allow user to connect to multiple organizations at once so we can query across multiple organizations.
Allow users to connect to multiple ornganizations at once so we can query across multiple organizations with one query.14 votes
At the moment, the Xero API authentication model does not support authentication and connection via mobile devices in a practical way - the only option is the public application type giving 30mins of access.
While changes are not currently planned, please add your vote and use case here if you would like to be able to connect directly to the Xero API from a mobile application.8 votes
We are operating with multiple companies within a single Xero account. It would be more secure if we could pre-select a company rather than leaving it to the user to select one after they have logged on.
In PHP we call
$XeroOAuth->request('GET', $XeroOAuth->url('RequestToken', ''), $params);
i.e. Can we include the company in the $params?7 votes
This idea will take about 15 minutes to implement, so I hope it is looked at soon.
When a non-Admin user attempts to connect a Partner App to Xero via the API, they are given an inaccurate message. The message reads
"You don't have a Xero Organisation yet."
This is inaccurate, as they often do have a Xero Organisation but are not an Admin. This leads to wasted time, support calls, irritated users, and unhappy partners.
Please replace that above message with something like
"You are not an Administrator of any Xero Organisations yet."2 votes
Services which are you guys are providing it's awesome , but the documentation which you have provided is not helpful at all . .. documentation should be user friendly and simple so that developers can easily integrate on their site .1 vote
I am an accountant, here is my suggestion i just create an app on xero and ask my clients to authenticate with the app. After authentication i need list of organisation of my client and basic organisation details .1 vote
- Don't see your idea?