Xero Authentication and Security
Majestri and Xero are obviously separate applications, but we do our best to make integration as seamless as possible.
This article talks about how we find out which Xero login we use to post transactions into, and how we can remember this so authentication is not required every time you do a posting.
Xero Login
The very first time you load up Majestri's posting screen, we'll be wanting to connect to your Xero chart of accounts so we can fill our drop-down lists with all the revenue and expense accounts that you've set up in Xero. For more information on setting up relevant Xero accounts for Majestri posting, please check out this article.
The Majestri system will actually take you out to the Xero site, where you will login using your normal Xero credentials.
If you successfully authenticate, then you may be then asked which "Xero Company" you want to connect to. This will only happen if you have more than one company attached to your Xero login.
Xero Access Token
Once the Xero login step is completed, the Majestri system is supplied with an access token by Xero. This token is unique to your login and company that you selected in the above step. Majestri uses this token for every subsequent connection to Xero so that you don't have to login every time we want to do something.
Majestri is a Xero development partner, and the token they gives us back is special. Under normal circumstances, a token can be used for half an hour to talk to Xero before it expires, and another login must occur so a new token can be issued. Majestri is able to just exchange an expired token for a brand new one and you don't need to authenticate again.
Clearing the Access Token
If, at any time, you are planning on stepping down from the committee, then it's a good idea to clear the current access token that Majestri holds to connect to your Xero account. The next time somebody on the committee attempts to post to Xero, they'll be asked to log in, and the next token we receive will be attached to their Xero account and not yours.
The access token can be cleared by clicking the button at the top of the Xero Summary screen.
