Xero HQ is the platform for accountants and bookkeepers that makes it easier to focus on your clients by connecting all the tools you need to run an accounting or bookkeeping practice.
The Xero HQ API is a RESTful web service and uses the OAuth (v1.0a) protocol to authenticate 3rd party applications.
Note: The Xero HQ API is not currently accessable via OAuth 2.0. Support for OAuth 2.0 is coming soon.
The Xero HQ API is currently only available to selected app partners. If you're interested in integrating with Xero HQ then contact your developer evangelist or get in touch here.
In order to authorise an API connection to a Xero Practice (as opposed to a Xero Organisation) you need to add the ?tenantType=PRACTICE parameter to the authorisation endpoints and url.
Please note that you can NOT use an access token for a Xero Organisation to access the Xero HQ API.
Other than the additional parameter, the rest of the authorisation process is as per the OAuth v1.0a spec. The URL’s to authorize your partner application are :
|Get an Unauthorised Request Token:||https://api.xero.com/oauth/RequestToken?tenantType=PRACTICE|
|Redirect a user:||https://api.xero.com/oauth/Authorize?tenantType=PRACTICE|
|Swap a Request Token for an Access Token:||https://api.xero.com/oauth/AccessToken?tenantType=PRACTICE|
|Swap an expired access token for a new one:||https://api.xero.com/oauth/AccessToken?tenantType=PRACTICE|
|Connect to the Xero HQ API:||https://api.xero.com/xero.hq/1.0/...|
In order to authorise an API connection to a Xero Practice the Xero user must have the Practice Administrator role.
The base url for Xero HQ endpoints is https://api.xero.com/xero.hq/1.0/
e.g. The URL for the Clients endpoint is https://api.xero.com/xero.hq/1.0/clients
See the Types and Codes applicable for use with the Xero HQ API endpoints.
See the HTTP Response Codes and Errors applicable for the Xero HQ API endpoints.