Login - Enable Windows Azure Active Directory Single Sign On
Ability to use Azure Active Directory for MFA.
Purpose: It makes Microsoft users easily log into Xero.

Hi community, we appreciate many businesses have adopted single sign on with providers like Google, Microsoft Azure/Entra, and Okta to easily streamline logins to many applications and manage operational risk. Our team are staying close to votes and feedback of the idea here, and though we can't commit to development at this time, we will be sure to let you know of any progress toward enabling single sign on
-
Justin Fletcher commented
It is unbelievable that this remains unavailable and @xero has not provided an update in over a year. It would simplify user administration and stop exposing businesses to weaknesses that can be addressed.
-
Nisheet Patel commented
Surely this has to be a standard offering in cloud platforms considering the security improvements it would bring. What's there still to think about?
-
Kai Howells commented
This request has been hanging in for so long that it talks about Azure Active Directory instead of Entra ID.
Come on Xero, it's time to get serious about security and enterprise integration.
-
Stuart Ellidge commented
@Xero how many votes and comments does a ticket need to get picked up?! It's becoming insulting now.
-
Craig Reynolds commented
I'm amazed that something I take for granted on pretty much every SaaS platform is missing from Xero with no commitment to actually do anything. When we evaluate new platforms SSO is one of the key criteria we measure against.
A timeline or roadmap is needed Xero.
-
Mark Anyon commented
Here is the linkedin for Security (CISO) at Xero, I wonder how high this topic sits on her priority list....
-
Kristian Zembic commented
It is a joke that this still has not been implemented with no response from Xero for over a year now. SSO is literally an industry standard now. If their dev team is this incompentent, then I would quickly begin questioning how robust is Xero's security given the highly sensitive data their systems hold. I feel that unless this starts to affect their revenue stream, they will continue to ignore these requests. Our company will start to look into alternative providers on our next renewal. Do yourself a favour, if you are a potential customer for Xero and are reading this, look elsewhere.
-
Jimmy Tang commented
PLEASE ALLOW THIS !!!! we have staff members logging into our system from home and cannot prevent it.
-
Andrew Anderson commented
Also take a look at what Stripe did in their SSO implementation to handle advisors with multiple clients/organizations, role assignments via attribute mappings, and their EXCELLENT testing and troubleshooting tools that ensure the SSO configuration is working.
-
John Crane commented
Please add Okta to the list of IdPs that should be supported when SAML SSO is added to Xero.
-
Jodie Rugless commented
If Xero were committed to keeping their customers most critical data safe and secure, and making administration of user access as streamlined as possible, they would implement Azure SAML. Get on with it.
-
Amy Jobson commented
It suprises me that there hasnt been any word from Xero on this. Doesnt seem like they are "staying close to votes and feedback of the idea here". Xero, please confirm this thread is being monitored at all and what the plan is here!
-
Nathan Porter commented
Unfortunately, Xero is one of the weak links in our application stack when it comes to security.
-
Dan Simpson commented
Shocking that Xero do not support Azure SAML. This is not helping businesses at keep their most critical data safe and secure, making administration of user access that much more difficult!
-
Andrew Anderson commented
Please add Okta to the list of IdPs that should be supported when SAML SSO is added to Xero.
-
Matt Gifford commented
I think we need a commitment that it's in development at least, it's been 12+ years since this was initially suggested.
It's somewhat embarrassing for Xero at this point..
-
Guy Edelstyn commented
Seriously, how is it 2025 and no SSO?! @Xero team please update!
-
Stuart Ellidge commented
It's more than a year since the last post - can you give us an update?
-
Eric Hoy commented
Looking at these docs... I'm surprised the ATO isn't enforcing you to get this type of Identity integration completed. It's mentioned in Essential8, CPS234, and other ASIC/APRA regulatory guidelines.
https://apiportal.ato.gov.au/api-products/oauth-dynamic-client-registration-api
https://www.ato.gov.au/api/public/content/d9bc7a79-1954-405f-b107-9154900768eb_ato_digital_strategy_2022_25_pdf -
Tasha Palmer commented
This definitely needs to be made a priority. Our financials and payroll are the least secure.