Enter your idea

To be a leading product this feature should already be implemented.

I went to the NZ Cyber security Summit in Wellington a week ago. Crowdstrike gave a presentation where someone senior from Xero took part in the presentation. The audience was a few hundred cyber professionals. Xero person went to great lengths to point out how conscious Xero is about customer cyber security on the platform. Knowing SSO is still not available in Xero was a topic at lunch afterwards. Time to get serious on this Xero instead of talking a big game about Cyber Security. The reality is not in line with the marketing!

SAML / SSO is pretty much expected in 2025. We're a cyber security provider and every other software package in the market, let alone a global one, supports this.

Can we get a commitment as to when this will be made available?

Agree with many of the comments below. This is a widely adopted and expected feature that many of us have to have in place to comply with various security accreditations. It would be great to have this in place ASAP.

We are moving everything to single Sign on and Xero being one of our critical apps, this will be important for how we move forward. Would be good to have an urgent update on your plans for this so people can manage things accordingly.

So in 2022 you identified that your customer base wants SSO, and in 2024 confirm no commitment or dev has been done for it. Major disappointment!! Your app is going the way of the dinosaur. Its time to catch up to the most BASIC app standards, or you will die off. Who is running this ship? They need a wake-up call!

It's great to see this getting more attention from the community.

Hopefully the Xero Team takes notice.

More to the point, the Australian government ACSC Essential8 now requires it.

We are implementing the Australian ESSENTIAL 8 security measures. Can we have single sign on so we can use phishing resistant MFA & log MFA failure? https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight/essential-eight-maturity-model

We are also likely needing to switch platforms this year as a result of this missing feature. This is disappointing as we have been a Xero customer since 2012.

Please add this Xero - it's crazy that this has been on the Ideas Board since 2013 and has a huge number of votes.

It's such an easy implementation for a dev team to roll out and dramatically improves the security of Xero and opens up the customer base to anyone under ISO27001 etc.

Another publicly listed company not taking security seriously.

Just disappointing really.

It won't be long before they make the news.

This is so frustrating that Xero does not support basic security features in 2025.

Any planned support for Okta / SAML?

We're planning iso27001 and this will be a deal breaker. If its not on the 2025 roadmap, we'll need to leave the platform.

This is an absolute requirement moving forwards.

we are currently attaining ISO 27001 and this is a requirement.
Its not a nice to have its a must have.

As the push towards Passkeys kicks into high gear in 2025, Xero is way behind here. Most small businesses have Google Workspace or Microsoft 365. These are some of the most secure authentication methods because they've been pushing their users towards 2FA and now Passkeys. At the very least there should be native Passkey support, but ideally, SSO/SAML support for the like of Google. Microsoft, Okta, and Duo. This is the only 'major' app in our business stack that still relies on direct password authentication. Everything else is Passkeys or Google SSO Auth.

Please please pretty please

I concur with Adam.

I work for an ISO 27001 consultancy, and Xero appears on many of our clients' risk registers for this.

Given QuickBooks Online doesn't appear do this either, implementing it would give Xero a marketable USP in the small business space to pick up the SMB's that take cybersecurity seriously (which is a large chunk) and hoover up some of QB's market segment.

I don't know if the reticence is the complexity of implementing it, or the expected time commitment to supporting users afterwards, but the demand for it isn't' going to go away ... and if Xero can't deliver, I can see some of our customers moving away to other solutions that do (and as a consultant, I can't blame them either).