caret

App Partner Program benefits


Xero’s App Partner Program is the key to unlocking the value of the Xero Ecosystem. As an app partner you’ll receive exclusive benefits such as co-marketing and premium access to sales and advisor channels - helping increase leads, improve conversion and grow on the Xero platform. We’re also excited to bring a new range of technical benefits to a refreshed App Partner Program being launched later this year. These benefits - built on top of OAuth 2.0 - remove friction when connecting apps to Xero to generate a higher volume of better quality leads from Xero’s App Marketplace.

  • Bulk Connections - makes it easier and quicker for advisors to connect new clients to the app, reducing the friction and ultimately leading to more connections for the partner.
  • Rapid Sync - improve a customer’s trial experience by syncing all the Xero data needed without delay. Show your value faster and get more customers converting.

OAuth 2.0 will enable these technical benefits and is required for the refreshed App Partner Program. We recommend implementing OAuth 2.0 as soon as you can to optimise your app experience and be ready to leverage the program once it launches.


Recommended roadmap

  1. Migrate to OAuth 2.0: OAuth 2.0 provides a simpler, faster and more secure experience and enables you to do more with the API to help you grow. See migration guide.
  2. Implement Sign In with Xero: to provide a simple, secure and seamless login experience and no need to remember a second password. See guide.
  3. Enable Sign Up with Xero: once you’ve implemented the above, and joined the refreshed App Partner Program, you’ll be able to enable Xero App Marketplace visitors to set up a trial that’s pre-populated with their Xero data. See guide.

Bulk Connections

Bulk connections allows users to connect multiple organisations in a single auth flow. There is no limit to how many they can connect at once. This speeds up the connection process and is especially valuable to accountants and bookkeepers who often need to connect a large number of organisations. By removing friction, we believe this will help advisors connect more clients overall.

How it works

Our implementation of OAuth 2.0 allows your app to connect to a user’s chosen organisations using a single access token. This differs from OAuth 1.0a which required a different access token for each organisation.

This makes life easier for users because they only have to go through the authorisation flow once. The user will still choose the organisations your app can access during the flow but there is only one token.

Implementation

  1. Make sure you’ve migrated to OAuth 2.0
  2. Ask your partner manager or developer evangelist to enable Bulk Connections for your app.
  3. When the user clicks the “Connect to Xero” button in your app, the OAuth flow 2.0 is started as normal with the authorization step.
  4. The user will select one or many of their orgs to connect to your app.
  5. The user is redirected to your app with an authorization code.
  6. Exchange the authorization code for an access token and refresh token.
  7. Use the access token to call the Connections endpoint. The response will tell you which organisations the user has connected to your app.
  8. You may need to provide some UX in your app that lets users map their Xero organisations to accounts in your app (see below).

Mapping Organisations

Allowing users to connect multiple organisations at the same time might require some changes to the UX of your app after the auth flow is completed.

If Xero organisations map to your app on a one-to-one basis then you will likely need to build a screen that allows the user to map each one (as above). An example would be a POS app where organisations map to stores.

If your app is set up in such a way that multiple organisations can already connect to a single account (e.g. a BI/reporting app) then you may not need to build any additional UX.

Toggle bulk connections off for specific use cases

In some cases you might prefer that a user is restricted to picking a single organisation (e.g. during the Sign Up with Xero flow). You can do this by including bulk_connect:false the in the acr_values parameter on the authorization step e.g.

https://login.xero.com/identity/connect/authorize?response_type=code...&acr_values=bulk_connect:false

Rapid Sync

To give customers a better trial experience we’re lifting the minute and day rate limits for the first 30 minutes of a new connection. This allows your app to sync all the Xero data it needs to show the customer your unique point of value.

Implementation

If your implementation makes use of the standard rate limit headers already returned on every API request then you won’t need to do anything to implement rapid sync.

While Rapid Sync is active, the X-DayLimit-Remaining and X-MinLimit-Remaining headers will stay at their full amount (e.g. 5,000 and 60). Once the 30 minutes is over they will start reducing as normal.

Keep in mind that you are still limited to 5 concurrent requests per tenant (organisation) and 10,000 requests overall per minute during the Rapid Sync period.


Need more info?

We’ll be releasing more information about the refreshed partner program soon but if you have any questions please let us know via your partner manager, developer evangelist or api@xero.com.