Back to Browse
Free
Server data from the Official MCP Registry
MCP server for Xero accounting — contacts, invoices, payments, accounts, and financial reports.
About
MCP server for Xero accounting — contacts, invoices, payments, accounts, and financial reports.
Security Report
4.7
Use Caution4.7High RiskThe Xero MCP server is well-structured with proper authentication mechanisms and reasonable permission scoping for its financial accounting purpose. However, there are notable concerns with input validation and error handling that could expose sensitive information or enable API abuse. The gateway authentication mode is a significant security strength, but credential handling in stdio mode lacks validation. Code quality issues around input sanitization and error messages should be addressed before production use. Supply chain analysis found 2 known vulnerabilities in dependencies (1 critical, 0 high severity).
7 files analyzed · 12 issues found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Permissions Required
This plugin requests these system permissions. Most are normal for its category.
What You'll Need
Set these up before or after installing:
Xero tenant ID (organisation). Required when AUTH_MODE is 'env'.
Environment variable: XERO_TENANT_ID
Xero OAuth2 access token. Required when AUTH_MODE is 'env'.Required
Environment variable: XERO_ACCESS_TOKEN
Transport mode for the server. Set to 'stdio' for local CLI use; the image defaults to 'http' for gateway hosting.
Environment variable: MCP_TRANSPORT
Credential source: 'env' reads vars locally, 'gateway' expects header injection from the WYRE MCP Gateway.
Environment variable: AUTH_MODE
Log verbosity: debug, info, warn, error
Environment variable: LOG_LEVEL
How to Install
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-wyre-technology-xero-mcp": {
"env": {
"AUTH_MODE": "your-auth-mode-here",
"LOG_LEVEL": "your-log-level-here",
"MCP_TRANSPORT": "your-mcp-transport-here",
"XERO_TENANT_ID": "your-xero-tenant-id-here",
"XERO_ACCESS_TOKEN": "your-xero-access-token-here"
},
"args": [
"-y",
"@wyre-technology/xero-mcp"
],
"command": "npx"
}
}
}Documentation
View on GitHubFrom the project's GitHub README.
Xero MCP Server
Model Context Protocol (MCP) server for the Xero Accounting API. Enables Claude and other MCP-compatible clients to manage Xero contacts, invoices, payments, accounts, and reports.
One-Click Deployment
Quick Start
Prerequisites
- Node.js >= 20
- Xero OAuth2 app credentials (requires a Xero developer account)
Install and Build
npm install
npm run build
Run (stdio mode)
XERO_ACCESS_TOKEN=your-access-token XERO_TENANT_ID=your-tenant-id npm start
Run (HTTP mode)
MCP_TRANSPORT=http XERO_ACCESS_TOKEN=your-access-token XERO_TENANT_ID=your-tenant-id npm start
The server listens on http://0.0.0.0:8080/mcp by default.
Docker
docker build -t xero-mcp .
docker run -p 8080:8080 \
-e MCP_TRANSPORT=http \
-e XERO_ACCESS_TOKEN=your-access-token \
-e XERO_TENANT_ID=your-tenant-id \
xero-mcp
Environment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
XERO_ACCESS_TOKEN | Yes (env mode) | — | Xero OAuth2 access token |
XERO_TENANT_ID | Yes (env mode) | — | Xero tenant ID (organisation) |
MCP_TRANSPORT | No | stdio | Transport type: stdio or http |
MCP_HTTP_PORT | No | 8080 | HTTP server port |
MCP_HTTP_HOST | No | 0.0.0.0 | HTTP server bind address |
AUTH_MODE | No | env | Auth mode: env or gateway |
Gateway Mode
When AUTH_MODE=gateway, credentials are passed per-request via HTTP headers instead of environment variables:
X-Xero-Access-Token— OAuth2 access tokenX-Xero-Tenant-Id— Xero tenant ID
This allows a gateway/proxy to manage multi-tenant credentials.
Available Tools
Tools are organized into domains. Use xero_navigate to select a domain, then use the domain-specific tools.
Navigation
xero_navigate— Select a domain (contacts, invoices, payments, accounts, reports)xero_back— Return to domain selection
Contacts
xero_contacts_list— List contacts with pagination and optional filteringxero_contacts_get— Get detailed contact information by IDxero_contacts_create— Create a new contact (customer or supplier)xero_contacts_search— Search contacts by name
Invoices
xero_invoices_list— List invoices with optional status and type filtersxero_invoices_get— Get detailed invoice information by IDxero_invoices_create— Create a new invoice (sales or bill)xero_invoices_update_status— Update invoice status (submit, authorise, void)
Payments
xero_payments_list— List payments with optional status filterxero_payments_get— Get detailed payment information by IDxero_payments_create— Record a payment against an invoice
Accounts
xero_accounts_list— List chart of accounts with optional type/class filterxero_accounts_get— Get detailed account information by ID
Reports
xero_reports_profit_and_loss— Profit and Loss (income statement) for a date rangexero_reports_balance_sheet— Balance Sheet as of a specific datexero_reports_aged_receivables— Aged Receivables by contactxero_reports_aged_payables— Aged Payables by contact
License
Apache-2.0
Reviews
No reviews yet
Be the first to review this server!
More Business Tools MCP Servers
Toleno
Freeby Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
137
Stars
479
Installs
8.0
Security
4.8
Local
mcp-creator-python
Freeby mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.
-
Stars
64
Installs
10.0
Security
4.6
Local
MarkItDown
Freeby Microsoft · Content & Media
Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption
120.0K
Stars
22
Installs
6.0
Security
5.0
Local