Permissions over an App - xero-api

I'm new to Xero API's and I'm trying to understand a thing.
In my Company we currently have various different “organisations” within Xero, and this number will be growing in the near future.
We also have a 3rd party web application we use for technical and management data – to which we now would like to add financial data, mostly in the form of exported Xero reports.
We had been looking at the API functionality – however as I understand it Xero is unable to grant a subset of permissions to API calls – i.e. anyone with API access would have the same level of access a standard user – so aside from being able to pull the reports we require, they would also have access to all other data, such as transactional data, account numbers, creation and deletion of invoices etc. etc. Please can you confirm whether this would be the case?
In short terms: we need to restrict the API calls to the reports only, is this possible?
If not, does Xero have a functionality where reports can be automatically exported to an external location – such as a cloud service or an FTP site or similar?
Many thanks in advance

You're correct. Once you connect an app to the API it has access to all the accounting endpoints. Payroll endpoints are the only ones that require additional scopes.
And no, unfortunately there's no way to schedule report exports either. Sorry!

Related

Can I use Stitch with multiple Xero accounts?

Stitch is an ETL that provides an integration with Xero accounting software:
https://www.stitchdata.com/integrations/xero/
I intended to use Stitch to allow the users of my app to connect their account with Xero, allowing us to store their Xero information for later analysis.
I was wondering if there is a way of setting and managing multiple Xero accounts with the same Stitch account, programatically (via an API, not via a UI).
I have seen the docs and they explain how to manually connecting your Stitch account with your (one) Xero account by manually authorizing:
https://www.stitchdata.com/docs/integrations/saas/xero#add-stitch-data-source
But I need to support multiple Xero accounts and to be able to set them up through my program.
the Xero API does support this. However depending on how the Stitch XeroAPI integration is setup they may only be allowing access to one org at a time. If you do request this feature and they decide to add it, we will work closely with them on the XeroAPI side.
Good luck. If you decide to build some kind of integration yourself shoot us a message at api#xero.com and we will help you through.

How Third Party Apps are getting data without using Adwords Reporting API?

I was trying to develop an automated reporting tool for my company and its very difficult to get the Google API access, being a very large agency we are still not able to get that.
Having said that, when I tried using some other reporting tools, they retrieve all our account reports just by connecting them with one access permission (with google sign-in API).
Any idea how the third party apps are doing it so easily without any API access?
Here is a documentation to help you get started.
The Google Analytics Reporting API v4 is the most advanced
programmatic method to access report data in Google Analytics.
With the Google Analytics Reporting API, you can:
Build custom dashboards to display Google Analytics data.
Automate complex reporting tasks to save time.
Integrate your Google Analytics data with other business applications.
Currently, here are the languages supported, sample codes were also available.
Service application (Java, Python, PHP)
Installed application (Java, Python)
Web application (PHP, JavaScript)
You have also to take note these reason from the answer in SO post why we need to have access permission:
Security. If the end user has your credentials he can log into your google account and have access to all your data.
Latency. The API is not intended to be used on page load. If your page loads depend on it it may take a long time to load for your
users.
Quota. The API has a limited quota that will extinguish fast if you query it every time a user enters your website.
Design. Ultimately, the API was designed to be used by yourself extracting data offline not in real time by others.

Creating a survey via the API with a Basic or Select account

Under "Scopes" the API documentation says "...the Create/Modify Surveys scope is available to Free (Basic) plans", but later contradicts that in the table showing "Platinum/Enterprise" as the minimum plan for the Create/Modify Surveys scope.
I am developing an application for a client that I believe has a Platinum account. However, I myself only have a Basic account and am reluctant to invest in a Platinum account for this small development project.
The client requires the creation a tool that generates surveys via the API, which seems pretty straightforward, except that I am unable to do so with my account. Is there some way my client can allow my account to access a development app on their account so I can test survey creation? Or could I do so myself with a Basic or Select account?
The Create/Modify Surveys scope will be moved down to the SELECT plan. Also, we will be providing developers time-limited full access to all the endpoints (except feature endpoints like benchmarks which requires the user to have bought the benchmark) when accessing their own account.
This should be available within a week or two. Check back at your app and the docs at https://developer.surveymonkey.com/ soon to see when the changes have been released.
Let us know if you have any more questions!

Policy of data generated using Plaid API or Yodlee

I'm working on a startup and we plan to use Plaid API or Yodlee for banking data aggregation ie credit history and previous transactions. I wanted to know about the data policy of these services from a fellow programmer who has worked on it. The sales guys give a pretty garbled view.
My questions are mainly
If one of my users had previously given their data to these
aggregators (ie maybe used Yodlee for mint) do they have to put in
each of their bank login details again if they use my service or do
they have a sort of user profile with which they can authorize my
app to view the data stored in their service.
Does Plaid API/Yodlee use the data I generate for its own uses and
do my users owe these data to these services and not me?
If I want to move out do they still hold my users data (the bank
accounts they have signed up with)as a profile on their desk?
PS: I think this question follows SO's policy but feel free to correct me if not.

https://bigquery.cloud.google.com/ not connected. retrying

I am trying to work out query access to the Google Analytics API. I am not a developer and so progressing via the developer route is currently not an option (notes - https://developers.google.com/analytics/devguides/reporting/core/v3/coreDevguide).
I have been looking at setting up with BigQuery, but am struggling to check that I can query in the web interface because it will not load for me.
I am logged in with the account that I am using to access our company URL (I can access this perfectly well using the GA interface).
I can also query the http://ga-dev-tools.appspot.com/explorer/ interface successfully.
What am I doing wrong? Do I need to go the whole hog and set up the bigquery billing (I am hesitant to do this since I want to prove the concept first).
Regards
Tristan
If you cannot access https://bigquery.cloud.google.com/, then I would work with your system administrator to verify that you have network connectivity to that web site.
If you can access the BigQuery UI, then you can follow the Sign Up for BigQuery instructions to enable the UI for you. You do not need to sign up for billing to run a few queries over the public sample tables, but you do need to sign up for billing if you want to load your own data into the system and to significantly increase your query quota limits.
As to BigQuery integration with Google Analytics Premium (see the blog post for background on this feature), you need to request this integration through Google Analytics Premium. Please contact your Google Analytics Premium customer support.