
I have done OAuth 2.0 using the PKCE flow in .NET Framework (C# WinForms).

Now I have tokens_response in my hand.

But I'm wondering: is it possible to fetch all of the organisations (not only one)?

santhosh
  • Doesn't the organisations endpoint return all the organisations that the token allows access to? I only have one, so I can't say I've noticed. – droopsnoot Aug 15 '20 at 17:36

1 Answer


You can check the organisations (tenants) that you can access with a given token using the /connections endpoint, like this:

GET https://api.xero.com/connections
Authorization: "Bearer " + access_token
Content-Type: application/json

Response:
[
    {
        "id": "e1eede29-f875-4a5d-8470-17f6a29a88b1",
        "authEventId": "d99ecdfe-391d-43d2-b834-17636ba90e8d",
        "tenantId": "70784a63-d24b-46a9-a4db-0e70a274b056",
        "tenantType": "ORGANISATION",
        "tenantName": "Maple Florist",
        "createdDateUtc": "2019-07-09T23:40:30.1833130",
        "updatedDateUtc": "2020-05-15T01:35:13.8491980"
    },
    {
        "id": "32587c85-a9b3-4306-ac30-b416e8f2c841",
        "authEventId": "d0ddcf81-f942-4f4d-b3c7-f98045204db4",
        "tenantId": "e0da6937-de07-4a14-adee-37abfac298ce",
        "tenantType": "ORGANISATION",
        "tenantName": "Adam Demo Company (NZ)",
        "createdDateUtc": "2020-03-23T02:24:22.2328510",
        "updatedDateUtc": "2020-05-13T09:43:40.7689720"
    }
]

If you need more information than the organisations' id and name, you'll need to call the /organisation endpoint individually for each.

The connections endpoint is described more in section 5 on this page of the docs: https://developer.xero.com/documentation/oauth2/auth-flow

rustyskates
  • Thanks for your answer @rustyskates. In my scope, I'm using offline access as follows: "scope=openid profile email offline_access". – santhosh Aug 16 '20 at 10:52
  • In this case, while logging in, the Xero authentication would not ask to select the organization. So when I tried adding "accounting.transactions" along with the above-mentioned scope, Xero authentication asks to select the organisation to access. Here I'm thinking about why, and what is the purpose of offline_access: is it only for refreshing the token? Then why are they allowing logging into a Xero account without mentioning other scopes? Is there any possibility, once I have logged in using offline_access, to add another scope in the same session? – santhosh Aug 16 '20 at 11:06
  • Every time you add a new scope, the user needs to re-authorise (because you're asking for access to a different set of information). Once the new scope has been authorised once, no authorisation is needed for future requests using that scope. – rustyskates Aug 16 '20 at 21:27
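
The sequence from the answer (list tenants with /connections, then call the organisation endpoint once per tenant), as an added C# example that is not part of the original answer. Assumptions not stated on the page: the Json.NET package for parsing, the full Organisation URL and the `Xero-tenant-id` header used to select a tenant, and the hypothetical class name `XeroTenants`.

```csharp
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq; // assumption: Json.NET NuGet package is referenced

public static class XeroTenants // hypothetical helper, not Xero SDK code
{
    private static readonly HttpClient Http = new HttpClient();

    // Sends one authenticated GET; tenantId is null for the /connections call.
    private static async Task<string> GetAsync(string url, string accessToken, string tenantId)
    {
        using (var request = new HttpRequestMessage(HttpMethod.Get, url))
        {
            request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
            request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            if (tenantId != null)
                request.Headers.Add("Xero-tenant-id", tenantId); // assumed header: selects the organisation
            using (var response = await Http.SendAsync(request).ConfigureAwait(false))
            {
                response.EnsureSuccessStatusCode(); // fail on 401/403 rather than parse an error body
                return await response.Content.ReadAsStringAsync().ConfigureAwait(false);
            }
        }
    }

    // Maps tenantId -> tenantName for the ORGANISATION entries of a /connections response.
    public static Dictionary<string, string> ParseConnections(string json)
    {
        var tenants = new Dictionary<string, string>();
        foreach (JToken c in JArray.Parse(json))
            if ((string)c["tenantType"] == "ORGANISATION")
                tenants[(string)c["tenantId"]] = (string)c["tenantName"];
        return tenants;
    }

    // Returns tenantId -> raw Organisation JSON for every tenant the token covers.
    public static async Task<Dictionary<string, string>> GetAllOrganisationsAsync(string accessToken)
    {
        string connections = await GetAsync("https://api.xero.com/connections", accessToken, null)
            .ConfigureAwait(false);
        var details = new Dictionary<string, string>();
        foreach (var tenant in ParseConnections(connections))
            details[tenant.Key] = await GetAsync(
                "https://api.xero.com/api.xro/2.0/Organisation", accessToken, tenant.Key)
                .ConfigureAwait(false);
        return details;
    }
}
```

`ParseConnections` can be exercised offline by passing it the sample response shown in the answer; it yields the two tenant IDs for "Maple Florist" and "Adam Demo Company (NZ)".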