Xero API Limits
What’s on this page
There is a daily limit of 1000 API calls that a provider can make against a particular Xero organisation in a rolling 24 hour period. If you exceed this rate limit you will receive a HTTP 503 (Service Unavailable) response with the message “oauth_problem=rate%20limit%20exceeded&oauth_problem_advice=please%20wait%20befor
e%20retrying%20the%20xero%20api” in the http response body.
Requests per minute
In addition to the daily limit, each OAuth access token can be used up to 60 times for each 60 second period. If you exceed this rate, the API will return HTTP 503 (Service Unavailable) with the message “oauth_problem=rate limit exceeded” in the http response body. It is advisable to make no more than one request per second to avoid this.
Request Size Limit
A single POST to the API has a size limit of 3.0MB. There is no limit to the number of elements within a request, provided the overall request size does not exceed 3.0MB.
Note: When posting form-encoded xml to the API, the encoded data will be approx 50% larger than the original xml message.
However, to ensure you receive a timely response from the API (large inserts can take quite a while), we recommend you look to batch elements in bundles of up to 50.
Encountering a rate limit
If you encounter a limit, do not continue to make requests as this may continue to add to your limitation. The most common issue encountered is the 60 requests/min rate limit. If possible, queue requests and allow a few seconds before attempting to make another request.
Private application limits
You can create a maximum of 2 private applications against a Xero organisation regardless of the user that created the application.
General Xero usage
Xero is not suitable for all types of business, particularly those with very high transaction volumes. Please see our notes on system limits.
What if I need more than 1,000 calls a day?
Quite often, applications that you might believe would exceed the Xero API rate limits, can in fact work within the limits by analysing the structure of how you intend to use the Xero API:
You can do more than one thing in a single request: For example, you can create more than one Invoice in a single PUT or POST Invoices API call.
While there is no upper limit in the number of nodes that can be sent at one time, a ceiling of about 100 nodes per request is practical – this will ensure a request does not exceed the maximum size of 3.5MB. You should also review our notes on summarizing validation errors.
What is the best way to handle requests on my side?
It is recommended that applications queue requests to the Xero API. This will allow you to ensure requests are within the supported limits, and will also allow your application to function even in the event that it cannot reach the Xero API temporarily.
What if I need to retrieve large amounts of data from Xero?
One function which can cause an application to exceed the usage limits is extracting data from Xero eg:
- In order to get line item details of an invoice, a request for each individual invoice must be made
- An organisation can have many thousand Journals, which can be retrieved only in batches of 100.
In these situations, it may take some time to extract the required data – it is recommended that an application is structured to schedule or queue this function so there is no user expectation of an immediate response. Enhanced API functionality for extracting large amounts of data are on the API roadmap to improve this situation.
Does my application only have 1,000 requests for all my users?
Applications that connect to more than one Xero organisation (Public and Partner) have a per organisation usage limit. For example if two separate Xero organisations are connected to an application, each connection would have 1,000 API calls available in a given 24 hour period.
What if my application still cannot function correctly within the Xero API limits?
If your application has a genuine requirement for more requests than are currently supported, please email firstname.lastname@example.org and we can review your requirements.
Xero is designed for volumes of between 200 – 500 invoices per month, dependent also on the frequency of invoicing during the month, variability of amounts and the frequency of sales tax reporting requirements.
- Bank Transactions – Spend & Receive Money
Xero is designed for volumes of up to around 1,000 bank transactions per month, also dependent on the frequency of transactions during the month and variability of transaction values.
- Inventory Items
Inventory item lists of greater than 1,000 could cause performance issues for users invoicing via methods other than the API.
Contact lists of greater than 5,000 could cause performance issues for users utilizing Xero via methods other than the API.
- Xero organisations using the “Small” pricing plan can enter up to 5 approved Accounts Receivable invoices and 5 approved Accounts Payable invoices per month. The invoice date (not the creation date) is used to determine which month an invoice was entered.
If you exceed this invoice limit when using the Xero API you will receive a HTTP 400 response code with the following error message
<validationerror> <message>You have reached the limit of invoices you can approve.</message> </validationerror>
Xero will work with higher levels than this but the performance of some features and reports may become degraded.