0

I have an existing Xero app that's worked well for over a year that uses OAuth2 to connect a small number of organisations to one of three Web Apps: developer, sandbox, and production. Sandbox and production are working well. However, yesterday I started to create a new instance of the developer app and am unable to complete the first step. My app calls the following URL:

https://login.xero.com/identity/connect/authorize?response_type=code&client_id=069BFC79B7REDACTED&redirect_uri=https%3A%2F%2Fdev.addressredacted.ngrok.io%2Fcotrustee%2Fxero&scope=offline_access+accounting.transactions+accounting.settings+accounting.journals.read

This URL has the same form that has worked for over a year, just with a new client_id, but now I keep getting this error:

Access Denied You don't have permission to access "http://authorize.xero.com/?" on this server. Reference #18.d2fdda17.1671639885.53ec38b

I expect to be redirected to a Xero login page instead.

Barry Ezell
  • 1

1 Answers1

0

From the Ref# that you received, it looks like it has hit the Akamai WAF. Unfortunately the code has expired (it only has a lifetime of 24 hours) thus we are unable to check why it was blocked.

Can you contact Xero API Support - api at xero dot com - with a newer reference so we can further investigate?

Doel Jangkrik
  • 188
  • 3