ConductorOne docs

Set up a Xero connector

ConductorOne provides identity governance and just-in-time provisioning for Xero. Integrate your Xero instance with ConductorOne to run user access reviews (UARs) and enable just-in-time access requests.

Why does this connector look different from most others? Due to limitations in Xero’s regional availability for custom integration development, ConductorOne cannot provide a cloud-hosted Xero connector. Instead, follow the instructions on this page to set up and run the Xero Baton connector in your own environment.

Capabilities

  • Sync user identities from Xero to ConductorOne

  • Resources supported:

    • Organizations
    • Roles

Integrate your Xero connector

A user with the Connector Administrator or Super Administrator role in ConductorOne and the ability to create a Xero app for your organization must perform this task.

Step 1: Create a Xero web app and generate credentials

  1. Log in to developer.xero.com and click New app.

  2. In the Add a new app form, give the app a name, such as “ConductorOne”, and select Web app.

  3. Enter https://developer.xero.com in the Company or application URL field.

  4. Enter https://localhost:8080 in the Redirect URI field.

  5. Click Create app.

  6. The new app opens. In the navigation panel on the left, click Configuration.

  7. Carefully copy and save the app’s Client ID. We’ll use this in Step 2.

  8. Click Generate a secret.

  9. Carefully copy and save the Client secret. We’ll use this in Step 2.

Step 2: Install baton-xero

  1. Run the brew or source commands shown below to install baton-xero, substituting in the required credentials (see the baton-xero repo’s README for details).

    brew

    brew install conductorone/baton/baton conductorone/baton/baton-xero
    
    BATON_XERO_CLIENT_ID=xeroClientId BATON_XERO_CLIENT_SECRET=xeroClientSecret BATON_REFRESH_TOKEN=refreshToken baton-xero
    baton resources
    

    source

    go install github.com/conductorone/baton/cmd/baton@main
    go install github.com/conductorone/baton-xero/cmd/baton-xero@main
    
    BATON_TOKEN=token baton-xero
    baton resources
    

Step 3: Set up the Xero connector in ConductorOne

This step requires the Connector Administrator or Super Administrator role in ConductorOne.

  1. In ConductorOne, click Connectors > Add connector.

  2. Search for Baton and click Add.

  3. Choose whether to add the Xero connector to an existing application in ConductorOne (and select the app of your choice) or to create a new application.

    Once the connection is established between Xero and ConductorOne, the new application’s name will automatically change from Baton to Xero.

  4. Set the owner for this connector. You can manage the connector yourself, or choose someone else from the list of ConductorOne users. Setting multiple owners is allowed.

  5. Click Next.

    If you selected someone else as the connector owner, that person will be notified to take over this process from this point.

  6. Find the Settings area of the page and click Edit.

  7. Click Rotate to generate a new set of credentials. Carefully copy the Client ID and Secret. You’ll use them in Step 4.

Step 4: Add credentials to your Xero connector

  1. On the server where the Xero connector is running, pass in the Client ID and Secret generated in Step 3 by running the connector with the flags --client-id <CLIENT ID> --client-secret <SECRET>.

    Run baton-xero --help to see the list of flags to be used when passing your credentials to the connector.

  2. The connector syncs current data, uploads it to ConductorOne, and prints a Task complete! message when finished.

  3. Check that the connector data uploaded correctly. In ConductorOne, click Applications. On the Managed apps tab, locate and click the name of the application you added the Xero connector to. Xero data should be found on the Resources, Entitlements, and Accounts tabs, as appropriate.

Now that baton-xero is installed and the connector is set up, Baton runs as a service in your environment. The service maintains contact with ConductorOne, syncs and uploads Xero access data at regular intervals, and passes that data to the ConductorOne UI, where you and your colleagues can use it to run access reviews and facilitate access requests for the application.
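
One way to start the connector without typing the Step 2 secrets inline, where they end up in shell history: keep them in an owner-only file and verify that file before launch. This is an added example, not ConductorOne's or the baton-xero project's own code; the function names and the file path in the usage comment are hypothetical, and the variable names are the ones shown in Step 2.

```shell
#!/bin/sh
# Added example: start baton-xero with its secrets read from an owner-only file.
# Variable names come from Step 2; function names and paths are hypothetical.

REQUIRED_VARS="BATON_XERO_CLIENT_ID BATON_XERO_CLIENT_SECRET BATON_REFRESH_TOKEN"

# Print a file's octal permission bits (GNU stat first, then BSD/macOS stat).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Succeed only if the file exists, grants nothing to group or others,
# and assigns a non-empty value to every required variable.
check_env_file() {
    f=$1
    [ -f "$f" ] || { echo "missing: $f" >&2; return 1; }
    mode=$(file_mode "$f") || return 1
    case "$mode" in
        600|400) ;;
        *) echo "refusing $f: mode $mode, expected 600 or 400" >&2; return 1 ;;
    esac
    for v in $REQUIRED_VARS; do
        grep -Eq "^${v}=.+" "$f" || { echo "$f: $v is not set" >&2; return 1; }
    done
}

# Validate the file, then load it inside a subshell and exec the connector
# there, keeping the secrets out of shell history and the calling shell.
# The file is sourced as shell code, so it must hold only VAR=value lines.
run_connector() {
    check_env_file "$1" || return 1
    case "$1" in */*) envfile=$1 ;; *) envfile=./$1 ;; esac
    (
        set -a              # export every variable the file assigns
        . "$envfile"
        exec baton-xero
    )
}

# Usage (hypothetical path): run_connector /etc/baton/xero.env
```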