Enter your idea

I am looking at moving off Xero, as it is ridiculous that SSO support is not provided, and as a provider of Identity & Access Management services it's sort of a deal breaker to use software that doesn't provide this fundamental security benefit.

By the way - as an enterprise software provider - you should be mindful of CISA's Secure By Design Framework and the myriad other frameworks that you are not in compliance with by not providing SSO (even behind a paywall, which is a separate conversation, but at least it's offered)

If you need help implementing shoot me an email - james@anthropicidentity.com I work in IAM and have implemented SSO many times. How easy it is to do this vs the impact it has on the maturity of your software makes me a little shocked you still don't have it in place

Will begin to look at alternative systems which allows SSO. Please review your commitment to this

Mind blowing that this isn’t a standard feature!

The sooner this can come in the better Xero.

I wonder how many complaints about the product would make Xero take this seriously. It is not a big implementation task. The responses from Xero shows no real interesting in developing such a critical component.

What’s really inexcusable is you could implement Entra SSO, which is the 80% scenario, in a week. Make me provision a Xero password no one knows, fine, just let me map it to an Entra SSO flow

There is a wall of shame for companies that gatekeep this absolutely essential feature behind higher pricing tiers. To not offer the feature at all in 2025 is utterly tone deaf… https://sso.tax

Implementing Zero Trust for my clients, Xero is the only SaaS in most which doesn't have SSO - and it is business critical for security! No update from Xero about plans on this in almost a year - surely there's some progress towards such a critical feature. People need to share this 12 YEAR OLD FEATURE REQUEST to try and get more traction - 12 years is long enough to solve a problem which only becomes more critical as threats evolve.

Xero is currently not compatible with Essential Eight ML2.

In positive news, Hubspot just announced that they've added SSO support using SAML2.0 to their non enterprise tiers so that organisations can maintain good security regardless of size.

Nice to know it's not every SaaS provider that just complete ignores hundreds upon hundreds of requests from their customers for standard security functionality necessary for SaaS applications. It's just Xero.

our ISO auditors are advising to shift away from Xero due to the lack of security features (SSO DKIM) e.t.c sad to see from such a big name but guess im planning to leave them now

This is an absolutely essential feature for all cloud apps. It not only improves security, but also makes the customer experience so much better.

To be a leading product this feature should already be implemented.

I went to the NZ Cyber security Summit in Wellington a week ago. Crowdstrike gave a presentation where someone senior from Xero took part in the presentation. The audience was a few hundred cyber professionals. Xero person went to great lengths to point out how conscious Xero is about customer cyber security on the platform. Knowing SSO is still not available in Xero was a topic at lunch afterwards. Time to get serious on this Xero instead of talking a big game about Cyber Security. The reality is not in line with the marketing!

SAML / SSO is pretty much expected in 2025. We're a cyber security provider and every other software package in the market, let alone a global one, supports this.

Can we get a commitment as to when this will be made available?

Agree with many of the comments below. This is a widely adopted and expected feature that many of us have to have in place to comply with various security accreditations. It would be great to have this in place ASAP.

We are moving everything to single Sign on and Xero being one of our critical apps, this will be important for how we move forward. Would be good to have an urgent update on your plans for this so people can manage things accordingly.

So in 2022 you identified that your customer base wants SSO, and in 2024 confirm no commitment or dev has been done for it. Major disappointment!! Your app is going the way of the dinosaur. Its time to catch up to the most BASIC app standards, or you will die off. Who is running this ship? They need a wake-up call!

It's great to see this getting more attention from the community.

Hopefully the Xero Team takes notice.

More to the point, the Australian government ACSC Essential8 now requires it.