Xero Developer account setup with REST API auth flow.
Hi folks,
Welcome to my new blog post. Recently I was working on one of the accounting management third-party vendors named XERO with rest integration.
Below is a statement about Xero from their official website.
We help small businesses thrive worldwide
Xero’s online accounting software connects small business owners with their numbers, their bank, and advisors anytime.
Let's get started with setting up our developer account first. We need to create one account at https://developer.xero.com/. You can start your 30 days free trial account in just minutes by providing some of the basic details. there is some capping on the number of connections and number of requests in the trial account. After signing up verify your account and set a login password, better to add 2-step authentication as well.
Creating app under developer account.
Once you successfully log in, you need to create your app under my apps.
While creating a new app you need to provide integration type, application URL and redirect URL. you can see your newly created app under my apps.
After importing it under postman you need to first follow auth flow documentation for grabbing access_token that is required for other APIs.
Grabbing access_token for REST APIs
Step 1: Generating code
Hit this URL by replacing mentioned params to grab the code from redirected URL.
Make sure in the above URL you change param client_id and redirect_url as per the configuration under your app. The above URL lands you on the login screen of your Xero account, next it will ask to allow the permissions mentioned in the scope param in the above URL. You can modify the scope based on your requirements. you can find detailed information about scopes here.
After successfully log in and granting permission your browser will redirect to the URL that you had provided in-app configuration with some query param. The sample URL looks like this.
You need the above auto-generated code for the next step.
Step 2: Passing generated code
After successfully generating code you need to hit the below token API with the request structure mentioned below.
POST https://identity.xero.com/connect/token
authorization: "Basic " + base64encode(client_id + ":" + client_secret)
Content-Type: application/x-www-form-urlencoded
grant_type=authorization_code
&code=xxxxxx
&redirect_uri=https://myapp.com/redirect
As a response to the above request, you will get the below response.
- access_token The token used to call the API.
- id_tokenThe token containing user identity details (only returned if OpenID Connect scopes are requested).
- expires_inThe amount of seconds until the access token expires.
- token_type: Bearer
- refresh_tokenThe token used to refresh the access token once it has expired (only returned if the offline_access scope is requested).
You can use the access_token generated here in the next rest APIs.
That's all about setting up the Xero developer account with the rest API postman setup. let me know if you guys have any queries and comment down below.
Comments
Post a Comment