Enter your idea

Please add Okta to the list of IdPs that should be supported when SAML SSO is added to Xero.

I think we need a commitment that it's in development at least, it's been 12+ years since this was initially suggested.

It's somewhat embarrassing for Xero at this point..

Seriously, how is it 2025 and no SSO?! @Xero team please update!

It's more than a year since the last post - can you give us an update?

Looking at these docs... I'm surprised the ATO isn't enforcing you to get this type of Identity integration completed. It's mentioned in Essential8, CPS234, and other ASIC/APRA regulatory guidelines.

https://apiportal.ato.gov.au/api-products/oauth-dynamic-client-registration-api
https://www.ato.gov.au/api/public/content/d9bc7a79-1954-405f-b107-9154900768eb_ato_digital_strategy_2022_25_pdf

This definitely needs to be made a priority. Our financials and payroll are the least secure.

Stop putting prices up each year without implementing SSO. We need this to be secure. We don't need or want features like JAX.

100% yes to this. Why is this not a thing... it's 2025!!!!

As a shareholder, I'm watching this closely. Not sure what the CISO is doing.

I am looking at moving off Xero, as it is ridiculous that SSO support is not provided, and as a provider of Identity & Access Management services it's sort of a deal breaker to use software that doesn't provide this fundamental security benefit.

By the way - as an enterprise software provider - you should be mindful of CISA's Secure By Design Framework and the myriad other frameworks that you are not in compliance with by not providing SSO (even behind a paywall, which is a separate conversation, but at least it's offered)

If you need help implementing shoot me an email - james@anthropicidentity.com I work in IAM and have implemented SSO many times. How easy it is to do this vs the impact it has on the maturity of your software makes me a little shocked you still don't have it in place

Will begin to look at alternative systems which allows SSO. Please review your commitment to this

Mind blowing that this isn’t a standard feature!

The sooner this can come in the better Xero.

I wonder how many complaints about the product would make Xero take this seriously. It is not a big implementation task. The responses from Xero shows no real interesting in developing such a critical component.

What’s really inexcusable is you could implement Entra SSO, which is the 80% scenario, in a week. Make me provision a Xero password no one knows, fine, just let me map it to an Entra SSO flow

There is a wall of shame for companies that gatekeep this absolutely essential feature behind higher pricing tiers. To not offer the feature at all in 2025 is utterly tone deaf… https://sso.tax

Implementing Zero Trust for my clients, Xero is the only SaaS in most which doesn't have SSO - and it is business critical for security! No update from Xero about plans on this in almost a year - surely there's some progress towards such a critical feature. People need to share this 12 YEAR OLD FEATURE REQUEST to try and get more traction - 12 years is long enough to solve a problem which only becomes more critical as threats evolve.

Xero is currently not compatible with Essential Eight ML2.

In positive news, Hubspot just announced that they've added SSO support using SAML2.0 to their non enterprise tiers so that organisations can maintain good security regardless of size.

Nice to know it's not every SaaS provider that just complete ignores hundreds upon hundreds of requests from their customers for standard security functionality necessary for SaaS applications. It's just Xero.

our ISO auditors are advising to shift away from Xero due to the lack of security features (SSO DKIM) e.t.c sad to see from such a big name but guess im planning to leave them now

This is an absolutely essential feature for all cloud apps. It not only improves security, but also makes the customer experience so much better.