Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > Wrapper libraries >

SHA2 Prep with Xero-Net

Started by Phil Alsford (Xero Staff) -   in Wrapper libraries

If you're looking for more information about the migration to SHA2 Certs please check this page.

To run an Example application from Xero-Net, such as the Counts example, you will need to change the App.Config to use the new URLs.

<add key="BaseUrl" value="https://sha2-api.xero.com"/>
<add key="PartnerBaseUrl" value="https://sha2-api-partner.network.xero.com"/>

You can view an example of this here. Feel free to pull it down and replace the other options (Consumer Key, SigningCertificate etc) with your own. This is for the Example.Counts program.

The URL changes are for Public, Private and Partner applications.

Thanks
Phil - Xero API Team
I guess above only shows what configurations need to be updated, once Xero-Net is updated to use SHA2?

Will (or when will) Xero-Net be updated to facilitate SHA2?

I guess the new code would be added to somewhere around this namespace: Xero.Api.Infrastructure.OAuth.Signing, alone side HmacSha1Singer.cs and RsaSha1Singer.cs.

I guess the examples would be updated as well (PublicMvcAuthenticator etc)?
 

J RE  

Thanks for the question.

This SHA1 to SHA2 migration is for the SSL (HTTPS) certificate that is presented by the Xero URL and application makes a call to. For example https://api.xero.com.

This is distinct and different from the OAuth certificate and validation which happens over the secure HTTPS connection. These are the classes that you have pointed out.

At the moment api.xero.com presents a SHA1 SSL certificate. In the future this URL will only present a SHA2 SSL certificate. A few operating systems and integrations may need to be updated to accept SHA2 certificates. We have therefore set up the SHA2 URLs for developers to verify that their integration works with SHA2.

Most developers will not need to do anything more than test their application works on the SHA2 URL by changing the URL your application calls.

Please remember to read this important announcement and test your integration. If you have any further questions please let us know.
 

Phil Alsford (Xero Staff)  

Thanks for the clarification Phil. My bad.
 

J RE