The provider supports the following Xero APIs:
Accounting API: Set the Schema connection property to ACCOUNTING
Australian Payroll API: Set the Schema connection property to PAYROLLAUS
Files API: Set the Schema connection property to FILES
Fixed Assets API: Set the Schema connection property to ASSETS
Projects API: Set the Schema connection property to PROJECTS
By default the provider authenticates to Xero using OAUTH2
You will need to create an OAuth application and set InitiateOAuth to GETANDREFRESH to avoid repeating the OAuth exchange and manually setting the OAuthAccessToken.
Follow the steps below to register a public application and obtain the OAuthClientId and OAuthClientSecret.
Log in to the Xero developer portal.
Click My Apps -> Add Application. Choose the Auth Code application type.
Enter a name for your application and the URL of your company. This information is displayed to users when they connect.
Set the Redirect URI to the full redirect or callback URL, where the user returns with the token that verifies that they have granted your app access.
When connecting using OAUTH2, Xero grants the provider access to all of the organizations that the user has authorized. By default the provider will connect using the first available organization. Since this default changes as you authorize new organizations, it is recommended that you set the Tenant connection property to ensure future connections always use the same organization.
The Tenant property can be set to either the name or ID of a Xero organization.
The Xero API has usage limitations that may be encountered while using the Provider for Xero.
There is a daily limit of 5000 API calls against a single Xero organization in a rolling 24-hour period.
In addition to the daily limit, a single access token can only be used up to 60 times in a rolling 60-second period.
If you encounter a rate limit, the Xero API will return an HTTP 503 (Service Unavailable) error, with the following message: "oauth_problem=rate limit exceeded".
Note: If you encounter a rate limit, do not continue to make requests, as this may continue to add to your limitation. If necessary, you may need to queue requests.
When working with the provider, some operations may result in multiple requests to the API. For example, updating an existing record will result in two requests: one to get the current record, and one to submit changes.