Complete the Xero OAuth 2.0 authorization code flow; after token exchange, call GET https://api.xero.com/connections to retrieve the list of connected tenants and their tenantId values.
Store the tenantId for each authorized organization; all subsequent API calls require the Xero-Tenant-Id header set to the target tenantId.
POST to https://api.xero.com/api.xro/2.0/Invoices with Content-Type: application/json, the Xero-Tenant-Id header, and a body containing Type (ACCREC for receivable), Contact with ContactID, LineItems array, and DueDate.
Each LineItem must include at least a Description and LineAmount, and optionally AccountCode, TaxType, and Quantity/UnitAmount.
The response returns the created invoice object including InvoiceID and Status; store InvoiceID for future operations.
To approve a DRAFT invoice, issue a POST update with Status set to AUTHORISED.
Known gotchas
Access tokens expire after 30 minutes; use the refresh token to obtain a new access token before making API calls, storing the latest token pair.
The Xero-Tenant-Id header is mandatory for every API request; omitting it returns a 403 even with a valid token.
LineAmount and UnitAmount must be consistent with the invoice's LineAmountTypes (EXCLUSIVE, INCLUSIVE, or NOTAX); mismatches cause validation errors.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp