Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > API Authentication >

Why i need to enter verification code again and again

Started by Test user -   in API Authentication

I want to connect with Xero with a simple application. The code that is in Development forum works great for me. But why i have to enter verification code again and again?
My application requirement is to just create simple contacts whenever i give first name and last name in the application. The application opens up a new window asking me for user name and password. if my username and password is correct it gives me a code (7 digits) than i have to come back and insert the code again in my application to complete the request.

Is there any way to avoid this and give the application a static code so that application run smoothly and i don’t need to enter the code again and again?

I am using Xero, .Net, C# and public API here is my code for the API.

private const string UserAgent = "crmPlugin";
private const string ConsumerKey = "ConsumerKey";
private const string ConsumerSecret = "consumerSecret";

public static Repository CreateRepository()
IOAuthSession consumerSession = new XeroApiPublicSession(UserAgent, ConsumerKey, ConsumerSecret, new InMemoryTokenRepository());

consumerSession.MessageLogger = new DebugMessageLogger();

// 1. Get a request token
IToken requestToken = consumerSession.GetRequestToken();

// 2. Get the user to log into Xero using the request token in the querystring
string authorisationUrl = consumerSession.GetUserAuthorizationUrl();

// 3. Get the use to enter the authorisation code from Xero (4-7 digit number)
//Console.WriteLine("Please input the code you were given in Xero:");
var verificationCode = "7013025"; // why i need to give this code again and again is there any way to use it for static.

if (string.IsNullOrEmpty(verificationCode))
Console.WriteLine("You didn't type a verification code!");
return null;

// 4. Use the request token and verification code to get an access token
AccessToken accessToken;

accessToken = consumerSession.ExchangeRequestTokenForAccessToken(verificationCode.Trim());
catch (OAuthException ex)
Console.WriteLine("An OAuthException was caught:");
return null;

Console.WriteLine("Access Token Key: {0}", accessToken.Token);
Console.WriteLine("Access Token Secret: {0}", accessToken.TokenSecret);
Console.WriteLine("Access Token Lasts for: {0}", accessToken.TokenTimespan);

// Wrap the authenticated consumerSession in the repository...
return new Repository(consumerSession);

If any one has better option please share with me
Best Reply as chosen by Test user (Original Poster)
Hi there,

If you are using a Public application, you need to use callback url to avoid entering the authorization code. More info is here: OAuth Callback Domains Explained

The sample code that you are using is for desktop applications so unfortunately you can't use callback url parameter.

The other option is for you to use Private application instead of Public so you can get permanent connection and you won't be asked to enter the authorization code anymore.

W. Abdullah (Community Manager)