Xero Connection
See the Connector Marketplace topic. Please request your administrator to start a trial or subscribe to the Premium Xero connector.
Xero is a Cloud-based accounting software designed to streamline financial processes for small businesses.
This topic describes how to authenticate to Xero and configure any necessary connection properties in the Xero connection connector.
Prerequisites
Creating a Custom Authentication Application
This section describes how to create custom authentication applications for use with PKCE, OAuth, and custom connections.
Developers writing client side applications can use PKCE to test applications locally, because PKCE does not require a client secret.
OAuth
To create and register an OAuth application, and obtain the OAuthClientId and OAuthClientSecret:
Log in to the Xero developer portal.
Navigate to My Apps > Add Application.
Choose the application type Auth Code.
Enter a name for your application and the URL of your company. This information is displayed to users when they connect.
Set the Redirect URI:
If this app will be used at the Desktop or via a Headless Server, set the Redirect URI to
http://localhost:33333
(default) or specify a different URL and set CallbackURL to the URL you just specified.If this app will be used on the Web, set the Redirect URI to the full redirect or callback URL, where the user returns with the token that verifies that they have granted your app access. The default Callback URL is
http://localhost:33333
.
Click Save. Xero displays the OAuth Client ID of the new application.
Create a new OAuth Client Secret.
Set OAuthClientId and OAuthClientSecret to the credentials you just obtained.
Custom Connections
Xero also supports server-to-server OAuth integrations using Custom Connections.
Licenses for these connections must be purchased from Xero before they can be used in production organizations. They can also be linked to demo organizations for free.
To register a custom connection application in Xero:
Log in to the Xero developer portal.
Navigate to My Apps > Add Application.
Specify an application type of Custom Connection.
Select a list of scopes to which this application should have access. To avoid permission conflicts when connecting, it is recommended to select all the available scopes. You can also select scopes individually, but if you do this you must update the Scope connection property to match.
If desired, choose a user to authorize the connection. If you do this, the application can only be linked to an organization that this user can access.
Click Save and Connect. Xero sends an email to the user you selected, which contains instructions on how to link the application to an organization.
Wait for the user to link the application.
Return to the developer portal and open the application settings.
Click the Configuration tab and scroll to the Client Id. The CLient ID is used to set the OAuthClientId application property.
Click Generate a Secret.
Copy the secret you just generated, and apply it to the OAuthClientSecret property.
Connection Configuration
Each connection property available in the Xero connector is explained below.
Connection Name
The name of the connection to be created should be provided. This is the name that will display on the list of available connections.
Tenant
Sets the Xero organization to connect to. Can be a name or tenant ID.
Xero apps may be authorized by for multiple organizatins at once. By default the connector will connect to the first available tenant. To control which organization your are connected to, set this option.
If you have multiple organizations with the same name, then you must use the tenant ID. You can find the tenant ID by connecting with this option unset and then querying the Tenants view.
Schema
The Xero API you want to access as a database schema.
Possible Values:
ACCOUNTING, ASSETS, PAYROLLAUS, FILES, PROJECTS
Auth Scheme
The type of authentication to use when connecting to Xero.
OAuth: Authenticates you using OAuth with a client ID and secret. Should be used with server-side applications.
PKCE: Authenticates you using OAuth with only a client ID. Should be used with client-side applications.
Client ID
The client Id assigned when you register your application with an OAuth authorization server.
Client Secret
The client secret assigned when you register your application with an OAuth authorization server.
Refresh Token
The OAuth refresh token for the corresponding OAuth access token.
Add Configuration: Additional properties can be added using this option as key-value pairs.
After entering all the details, click on the TEST button.
If the connection service identification and authentication details are provided correctly, a success message stating “connection available” is generated.
Click on the CREATE button to save the changes.
If the details are incorrect or the server is down, you will get a message “Connection unavailable”.
If you have any feedback on Gathr documentation, please email us!