0

My client wants to build an website app that allows customers to link their Xero account to the website so that certain actions such as create/manage employees can be updated in the website and also pushed to the respective user's Xero account.

I've been through the basics of connection to the Xero API and had to create/install certificate and generate Xero keys etc to get both apps talking to each other. This is not a feasible approach for end users of the site trying to connect their Xero account as it requires sharing a key etc that is supposed to be secret.

Is there a way to create a connection using just some sort of Xero key - similar to linking Xero accounts? Or it the case that my client would need to become a Xero Partner and actually create an app that users can install from their Xero account?

Rob
  • 10,004
  • 5
  • 61
  • 91

1 Answers1

2

The Xero API has a number of different types of applications - sounds like you've set up a private app, which (as you've spotted) is intended for interaction with a single Xero organisation.

To interact with multiple Xero accounts, you'll want to create a public app on https://developer.xero.com/myapps/. This will allow you to send multiple users through the OAuth1.0a auth process, giving you an access token for each account that has authorised your app. You can then persist these tokens and match them to the account in your own web app.

Note that this will give you access to each Xero account for 30 minutes before the user will need to authorise your app again. For long-lasting access tokens, you'll need to register your interest via the link in this page to get information on how to complete this process.

rustyskates
  • 856
  • 4
  • 10