Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > Wrapper libraries >

Xero (OAuth) API library for Delphi

Started by Niels Maschmeyer -   in Wrapper libraries

Hi, I am just about to finish my Xero api after I found a very suitable library.
I am developing with Delphi (Object Pascal) and could successfully access the Xero API and retrieve all the information I needed.
You can find the library (OAuth.pas) here:

A detailed information how to use it can be found here:

For any question you can contact me anytime.
Hi Niels,

Do you have any code you could share, showing how to connect to the Xero API ?

I am not getting anywhere with creating a private application - I can't find a library to do the RAS-SHA1 encoding.

My public application only gets as far as getting a PIN from Xero, but then I don't seem to get any further. My request for an access token is denied - error 401 unauthorized.



Robert Daniel  


I solved the above problem by referring to the source code for the REST Debugger http://docwiki.embarcadero.com/RADStudio/XE5/en/REST_Debugger

Delphi XE5 has REST support built in, including HMAC-SHA1 authentication (but not RAS-SHA1 sadly). To convert the request token and PIN in to an access token you set the access token and access token secret to the request token and request token secret and then request the access token.

I will try and put a complete demonstration project online somewhere when I am done.


Robert Daniel  

Hi Robert
I was just wondering if you managed to get around to creating a demo project interface using XE5.

Peter O'Hanlon  

Hi Robert,
sorry I must have overlooked your reply.
I used the included Indy 10 unit IdHMACSHA1;

XToken: TOAuthToken;
XRequest: TOAuthRequest;
XConsumer: TOAuthConsumer;
HMAC: TOAuthSignatureMethod_HMAC_SHA1;
pos1, pos2: integer;
Response: String;
XConsumer := TOAuthConsumer.Create(ConsumerKey, ConsumerSecret, url);
HMAC := TOAuthSignatureMethod_HMAC_SHA1.Create;
XRequest := TOAuthRequest.Create(RequestTokenURL);
XRequest.FromConsumerAndToken(XConsumer, nil, RequestTokenURL);
XRequest.Sign_Request(HMAC, XConsumer, nil);
Response := HTTP.Get(RequestTokenURL + '?' + XRequest.GetString);

Niels Maschmeyer  

Oh, I forgot to mention. I had to change the original TOAuth from my link above to make it work. The generating of a TimeStamp caused trouble because it should use the correct timezone!
So I changed it from:

function TOAuthRequest.GenerateTimeStamp: string;
Result := IntToStr(DateTimeToUnix(Now));


function TOAuthRequest.GenerateTimeStamp: string;
Result := IntToStr(DateTimeToUnix(TTimeZone.Local.ToUniversalTime(Now())));

Niels Maschmeyer  

Thanks Niels for your example above I have managed to get the Public App Authentication going fine.

Peter O'Hanlon  

Just making Delphi users aware of this

Tristan Marlow