When we released fmAccounting Link (Xero Edition) back in 2014 we developed it to be used with a Xero API Private Application – this made the most sense at the time and still does for most customers who are only concerned with connecting their custom FileMaker business app with their own Xero organisation. Private Applications are just one of the three different types of API Applications available for the Xero API:
- Private – connected to a single Xero organisation, doesn’t require user authentication
- Public -connect to multiple Xero organisations, requires user authentication, 30 minute access limit
- Partner– connect to multiple Xero organisations, requires user authentication, long term access
One of the main advantages of a Private Application is that your FileMaker users do not need to have a Xero account, so you can allow them to perform specific functions (e.g. uploading Contacts, Invoices, Payments etc from FileMaker to Xero) without having to get them access to Xero itself – the Private Application handles the authentication with Xero for them. This means you don’t have to worry about giving access to confidential business information contained in Xero to all FileMaker users.
There may be times however when you wish to only allow Xero users to upload data from FileMaker to Xero – this would require the use of a Public or Partner application. Databuzz recently took part in Xero’s XD HAX Developer Challenge 2017 and we decided to use this opportunity to explore how a Public Application integration could work. We were focussed on integrating with FileMaker Cloud which runs on AWS and wanted to have a native solution that ran on all the FileMaker clients that FileMaker Cloud supports, including FileMaker Pro for Mac/Windows, FileMaker Go for the iPhone and iPad, and FileMaker WebDirect.
As FileMaker doesn’t have the native functions to perform the OAuth 1.0a authentication that a Private Application type uses we have used a FileMaker plug-in to handle the authentication with the Xero API. FileMaker plug-ins are only supported by the Mac/Windows FileMaker Pro client applications which means they cannot be used by FileMaker Go for iOS (though you can use the iOS SDK to create an iOS application based on FileMaker Go that can include the plug-in).
Using a Public Application type integration means we could remove the dependency on the plug-in as Public applications use the standard 3 legged OAuth process where a user can authorise your application – in Xero’s case this is for 30 minutes, at which point the access token expires.
For our XD HAX Developer Challenge entry we changed the authentication method to use a Public Application integration and took advantage of a number of native FileMaker features, such as using a Card Window to handle the Xero authentication window, and the new cURL and JSON functions to handle the encoding/decoding of data and uploading/download with the Xero API. Here’s a brief video demonstrating how a Public Application integration could work with our fmAccounting Link (Xero Edition) solution:
We would love to hear if this is something that you would be interested in seeing in a future version of fmAccounting Link. We love that we can provide a native solution that runs on all FileMaker clients without a plug-in but are not sure whether customers would prefer the long term access that a private application provides and the benefit of not having to use a Xero login to authenticate.