Xero
The Xero connector gives AI agents access to your Xero accounting data — invoices, contacts, payments, accounts, bank transactions, and financial reports — as well as the ability to create new records. Authentication uses OAuth 2.0 and your credentials are stored encrypted in MCPGate's vault, never exposed to the AI client.
Required scopes#
MCPGate requests the following OAuth scopes when you connect Xero. All scopes are requested up front to cover read and write operations across the full tool set.
| Scope | Purpose |
|---|---|
| accounting.transactions | Read and write invoices, payments, and bank transactions |
| accounting.contacts | Read and write contacts (customers and suppliers) |
| accounting.reports.read | Read financial reports (ProfitAndLoss, BalanceSheet, etc.) |
| accounting.settings | Read chart of accounts and organisation settings |
| openid profile email | Identify the connected Xero user |
Tool reference#
The Xero connector exposes 11 tools: 7 read and 4 write. Use the MCP Apps page to enable or disable individual tools per app.
| Tool | Category | Description |
|---|---|---|
| xero_list_invoices | read | List invoices in Xero, optionally filtered by status or contact |
| xero_get_invoice | read | Get a specific Xero invoice by ID |
| xero_list_contacts | read | List contacts (customers and suppliers) in Xero |
| xero_list_payments | read | List payments in Xero |
| xero_list_accounts | read | List chart of accounts in Xero |
| xero_get_report | read | Get a financial report from Xero (e.g. ProfitAndLoss, BalanceSheet, TrialBalance) |
| xero_list_bank_transactions | read | List bank transactions in Xero |
| xero_create_invoice | write | Create a new invoice in Xero |
| xero_create_contact | write | Create a new contact in Xero |
| xero_create_payment | write | Record a payment against an invoice or credit note in Xero |
| xero_create_bank_transaction | write | Create a bank transaction (spend or receive money) in Xero |
Common guardrail recipes#
Read-only access#
Enable only the seven read tools and deny all four write tools. Suitable for AI assistants that answer accounting questions, generate summaries, or export data without making any changes to Xero.
Transact preset#
Use the built-in transact preset to allow reads plus xero_create_invoice and xero_create_payment, while keeping xero_create_contact and xero_create_bank_transaction denied. Agents can handle standard invoicing workflows without modifying contacts or creating manual bank entries.
Rate-limit write operations#
Xero enforces an API rate limit of 60 calls per minute per app. Apply the cooldown guardrail template to write tools to prevent the agent from hitting rate limits during bulk operations. A 2-second minimum interval between write calls is recommended.
Troubleshooting#
- AuthenticationUnsuccessful — The OAuth token has expired or been revoked. Xero access tokens expire after 30 minutes; refresh tokens last 60 days. MCPGate refreshes automatically — if this fails, reconnect the Xero connector.
- Organisation not connected — Xero connections are scoped to a specific organisation. If you have multiple Xero organisations, you must connect each one separately in MCPGate.
- Report not available — Some Xero reports require specific subscription tiers. If
xero_get_reportreturns a subscription error, verify your Xero plan includes the requested report type.