Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > API Authentication >

Authorise Application

Started by Jason Raikes -   in API Authentication

Hi,

I have developed 2 apps. They are both running on the same server. I have set them both up in the 'My Apps' sections of the Xero Developer site. They are both set up as public apps.

I have copied the relevant authorisation keys from the developer site to my apps.

When I try to access the second app, Xero asks to 'Allow access for 30 minutes' in the usual way but then prompts a message 'Enter this code in xxxxx to finish the process' where xxxxxx is the app name. I also notice that the app is not listed in the connected apps section in the Xero settings.

Please can someone tell me where to enter the code or how to resolve this issue please.

Jason
It sounds like on your second app you don't have a callback URL set and so it's giving you an authorisation code. If you're not using a callback URL you'll need to provide a place for the user to enter the code on your apps end. It does sound a bit odd that it's just displaying the app name rather than a random number though.
Can you check in the MyApps section of the developer portal to see if you have a callback URL set?
 

Steven Brown (Xero Staff)  

Steven,
Thank you for the reply. It does show a random number, I just did not include it in my first post. What should I do with this number? I have a value in the field captioned 'OAuth 1.0a Callback Domain' Is that what you are referring to? As both apps are on the same server, the value in this field is the same for both apps - is this the issue?
Jason
 

Jason Raikes  

That is what I was referring to. As far as I'm aware you can use the same callback domain for both. At this point it might be worth sending through a support ticket with the details of your app so we can take a look at things.
 

Steven Brown (Xero Staff)  

Steven,
What details do you require please?
Jason
 

Jason Raikes  

Hi Jason,
I just realised I asked about having the callback domain registered, but didn't ask for confirmation that you're sending through the callback URL in the oauth request.
https://developer.xero.com/documentation/auth-and-limits/oauth-callback-domains-explained

If it's not included in the request then it will try and give you the manual code.
 

Steven Brown (Xero Staff)  

Steven,
The contents of the authorisation json file is:

{
"AppType" : "PUBLIC",
"UserAgent": "xxxxxx-CDPB2R",
"ConsumerKey" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"ConsumerSecret" : "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"CallbackBaseUrl" : "http://xxxxx.org/app_name",
"CallbackPath" : "/xero_callback"
}

I am using the same java code for both apps, it works with the first but not the second.

Jason
 

Jason Raikes  

Steven,

I spotted a typo in one of the config.json files.

Thank you for your help.

Jason
 

Jason Raikes  

Glad it's sorted Jason
 

Steven Brown (Xero Staff)