I have the Xero API setup and the OAuth flow working. I have linked up the "Demo Company UK" as the tenant (Organisation) and have granted my user with Adviser • Contact bank account admin, Payroll admin • Expenses (Admin) permissions (which appears to be the highest level) located here: https://go.xero.com/Settings/Users but I still get the following error. "You are not permitted to access this resource" I have added all the scopes that should cover the requests and have a valid access token but still no good.
'client_id' => env('XERO_CLIENT_ID'),
'client_secret' => env('XERO_CLIENT_SECRET'),
'redirect_uri' => env('XERO_REDIRECT_URI'),
'scope' => 'openid email profile offline_access accounting.transactions accounting.contacts accounting.contacts.read accounting.reports.read',
Example function making a basic call to get the users within the account. The connection to Xero is fine but as soon as I try to request any data the same error is thrown.
public function testXero() {
$xeroAccessToken = GlobalSetting::where('name', '=', 'xero_access_token')->first();
$xeroTenantOrganisation = GlobalSetting::where('name', '=', 'xero_tenant_organisation_id')->first();
$xero = new XeroApp(
new AccessToken(
array(
'access_token' => json_decode($xeroAccessToken->value)->id_token
)
), $xeroTenantOrganisation->value
);
//dd( $xero ); //we have a succesfull connection here...
# Retrieve all contacts
$contacts = $xero->contacts()->get();
dd($contacts); //error "You are not permitted to access this resource".
}
Has anybody encountered this issue?
The issue is that I was passing id_token
when making a new XeroApp
class instance. I failed to see all the other objects in the JSON object stored in the Database (very large). There is an actual access_token
that is stored along with some other useful bits of information that I make within my call.
$xero = new XeroApp(
new AccessToken(
array(
'access_token' => json_decode($xeroAccessToken->value)->access_token,
'refresh_token' => json_decode($xeroAccessToken->value)->refresh_token,
'expires' => json_decode($xeroAccessToken->value)->expires,
)
), $xeroTenantOrganisation->value
);
$contacts = $xero->contacts;
dd($contacts);//RESULTS!!! YES
I will keep this thread open just in case it helps anyone out.