Xero Connection Error 500

Questions
1

Im trying to get Xero connected but keep getting the following error.

Error: unauthorized

_ client

Invalid scope for client

Error code: 500

IMG_2657
IMG_2657960×1356 79.3 KB

2

Hi @simonmillersa welcome to the community!

I too faced this issue when creating a Xero Connection on n8n.

So, I created a Generic Credential ‘OAuth 2.0’ with these details -

Grant Type - Authorization Code

Authorization URL - https://login.xero.com/identity/connect/authorize

Access Token URL - https://identity.xero.com/connect/token

Client ID - generated from your Xero App

Client Secret - generated from your Xero App

Scope - accounting.contacts, accounting.settings, accounting.transactions, email, offline_access, openid, profile

Authentication - Header

And, you will need to use an ‘HTTP Request’ node with the above Generic Credentials for it to work.

You may have to add more scopes based on the Xero API that you’re trying to use.

I hope the issue with Xero’s native connection is fixed, so we don’t have to use this method.

3

I filed a ticket about this with Xero. Their support team let me know that they updated their API on March 2, 2026 to eliminate scopes from the web admin, and added them to the auth flow.

For xero to work through n8n, the devs at n8n I believe would need to update their oauth with xero to request scopes during the auth flow.

4

I had this same issue, and came across this thread and the solution proposed. It didn’t work for me but was a good start towards resolving this issue.

Having spent hours troubleshooting this, thought of sharing the resolution here so that many others would not face the same issue.

The issue is the default N8N authenticator for Xero would not work anymore because Xero had updated its API (read more here)

https://devblog.xero.com/upcoming-changes-to-xero-accounting-api-scopes-705c5a9621a0

  1. The default Xero OAuth2.0 function will attempt to request for ALL the accounting scopes at a go

  2. This breaks the connection because i) Xero mentioned that they are discontinuing most accounting scopes from ‘broad scopes’ to ‘granular’ scopes. Example in the past you would use “accounting.transactions” as the scope but this has been discontinued for new apps and you need to use more specific scopes such as “accounting.reports.read”. This is why you get the invalid SCOPE error because these scopes have been decommisioned!

  3. Secondly, the default Xero OAuth2.0 requests for all the scopes at a go when you put in “accounting.contacts, accounting.settings, accounting.transactions, email, offline_access, openid, profile” under the scope when creating a custom connection

  4. Xero has documented that scope cannot be requested all at once, but need to be requested one at a time (additive) - see link below

  5. Scopes — Xero Developer

  6. In order to get it to work, you need to create a custom credential (as explained by the post above), but start by requesting for one scope only whichis “openid”

  7. This time you should be connected to your app where you can identify your organisation.

  8. Go back to the custom credential for Xero and change “openid” with “accounting.invoices” and reconnect. Repeat the step with every of the granular scope until you managed to add everything. (It was painful for me, I reconnected 16 times, replacing each scope each time)

  9. Finally, once you have added everything, you can just replace the entire field with all the scope that you have added in one row “openid profile email offline_access accounting.banktransactions.read accounting.reports.balancesheet.read accounting.reports.profitandloss.read accounting.reports.trialbalance.read accounting.reports.banksummary.read accounting.settings.read” and reconnect.

  10. Unfortunately unless N8N fixes te OAuth2 API connection, this is the only workaround.

  11. It worked well for me, do let me know if it works for you as well!

5

I tried the steps suggested by @jitesh and also what you added @Karhoe but i had no joy
kept getting:

Error: unauthorized_client

Invalid redirect_uri

Error code: 500

my redirect URL in xero app is that what was found in the callback box in n8n

any suggestions?

6

Did you manage to connect to Xero login page by just setting the scope to openid and nothing else?

7

Hi @Karhoe

Nope that didn’t work either.

I’m really stuck with this

I’m using custom connections in Xero using client credentials.

I’ve created a customer oauth2 api credentials in N8N using the right scopes

Not sure what I’m doing wrong

8

Hi

I managed to sort it

Had to create one OAuth with open id using auth code

Then use that to call get the tenant ID

Then create another OAuth for contacts and then use that to call the contacts in Xero

So in N8N I needed 2 nodes