OAuth is a security protocol Xero uses to let your app access a user’s account without accessing the password. The application user approves the access token upon requests for permissions. OAuth 2.0 enhances the security standards and improves the security connection between third-party applications and Xero API.
Applications using Xero third-party integration services need to migrate to OAuth 2.0 by the 31st of March 2021. Delaying the Xero Oauth migration may cause errors while requesting API requests and lose the ability to sync your application data with Xero.
OAuth 2.0 uses a per-user basis access token, while in OAuth 1.0, token where issues per organization. Users can still select which organization an app can access, and a different token will handle the same. OAuth 1.0 Migration to OAuth 2.0 proves more benefits in improving the end-user experience and also makes it easier for businesses to connect with apps.
Here is how OAuth 2.0 benefits:
- Highly secure and meets the API industry standards
- Better certification
- Enable Xero Sign-in
- App partner program benefits
- Ensures regulatory requirements in all regions
- Hassle-free and quick setup
- Better customer experience
Connect with us to get your applications migrated to OAuth 2.0 and enhance your applications’ security standards.
The migration details depending on your API type
Partner apps
- Migration guide: The FAQs and endpoint guide are available for all partner apps, and a sample is available on the GitHub page.
- Feedback and benefits: Migrating to OAuth 2.0 provides a smoother experience and ensures your applications retains in the Xero app partner program. We recommend getting migrated on priority.
For accountants and bookkeepers
- Xero Marketplace apps: Partner applications have a seamless migration path and will not affect the client applications.
- Custom integrations (Private apps): You will need to move to OAuth 2.0 if you have a custom API integration to access your client’s Xero data.
App users
- Xero Marketplace apps: Partner applications have a seamless migration path and will not affect the client applications.
- Custom integrations (Private apps): If your custom-built app is connected to the Xero organization, you need to migrate to OAuth 2.0 by the end of this year.
Private apps
- Unlike OAuth 1.0, you no longer need to worry about offline access, multiple organization connections, and certifications. You can simply choose the OAuth 2.0 library and start building your application
- Machine to machine (M2M): As all the Xero OAuth2.0 apps allow offline access to be granted, it is possible to set up M2M integrations. Only the initial authorization code flow requires a user and a web browser.
- Refresh tokens: A refresh token is the only thing required for user interaction. Refresh ones in 30 days needed to maintain the connection.
- Connecting your app: The developer and the client will need to connect to the Xero organization after creating a new OAuth 2.0 app.
What’s in with the new update?
- No more long-lived tokens.
- Support for a short-lived token to maintain a high level of security.
- Enhanced privacy and transparency
- Apps can connect to multiple(up to 25) organizations and maintain offline access.
- No support for client credentials grants type.
- Supporting and owning more SDKs
Here is how Infomaze can help with the migration:
Infomaze works following client’s applications and industry standards. We understand that every application/software requires frequent updates to match with the latest technological offerings.
At Infomaze, we keep a keen eye on such updates and ensure we diligently help our clients update their systems. Developers at Infomaze ensure that your applications are up-to-date, secure, and meets the industry standards. We can help you seamlessly migrate your Xero API connection’s from OAuth 1.0 to OAuth 2.0…Click The Below Link For More Details.
Source: Migrate Xero OAuth 1.0 to OAuth 2.0 Now!
Comments
Post a Comment