Xero
Org-level connection
Xero is connected once at the org level by an admin. The credential is shared across all groups that have been granted access — individual team members don't need to connect their own accounts.
How to connect
Go to developer.xero.com → My Apps → New app
Under Configuration, copy the Client ID
Paste it below as the API key
Note: Full OAuth flow coming soon.
Ready to connect?
Go directly to the integrations page in your dashboard.
Permissions (scopes)
These are the data scopes On Belay can be granted for Xero. Your org admin controls which scopes are enabled per group.
| Scope | Description | Access |
|---|---|---|
accounting.transactions | Read/write transactions | Read / Write |
accounting.contacts | Read/write contacts | Read / Write |
accounting.reports.read | Read reports | Read only |
accounting.journals.read | Read journals | Read only |
Troubleshooting
"redirect_uri_mismatch" error during OAuth
Your OAuth app's authorized redirect URIs don't include the On Belay callback URL. Add https://app.onbelay.ai/api/oauth-callback/xero to the allowed redirect URIs in your OAuth app settings.
"invalid_scope" error
The API or scope isn't enabled in your cloud project. For Google integrations, make sure the relevant API (e.g., Google Ads API, Search Console API) is enabled in Google Cloud Console for your project.
Connected but Claude can't access data
Check that your group has been granted access to this integration in On Belay → Groups → [your group] → Integrations. Also verify the specific scopes your group is permitted to use match what your query requires.
Still stuck? We're happy to help.
Contact support →