Login - Enable Windows Azure Active Directory Single Sign On
Ability to use Azure Active Directory for MFA.
Purpose: It makes Microsoft users easily log into Xero.
Hi community, we appreciate many businesses have adopted single sign on with providers like Google, Microsoft Azure/Entra, and Okta to easily streamline logins to many applications and manage operational risk. Our team are staying close to votes and feedback of the idea here, and though we can't commit to development at this time, we will be sure to let you know of any progress toward enabling single sign on
-
Alex Steer commented
Kelly Munro,
Would it be possible for Xero to combine all requests for 'Azure AD', 'SSO, 'Single Sign-On', 'SAML' 'Identity Provider' and 'IdP' including the combined number of votes.
There is a significant number of us customers asking for this but unfortunately there seems to be numerous different Ideas all suggesting the same thing in a slightly different way which may be falsely giving you the impression the numbers are lower.
-
Ian Lazzari commented
I originally commented on this several years ago (now since purged!)
This will end up being a tragic own goal for your business.
Can I just ask if your admins/developers have access to databases without using SSO? Even if using your clunky MFA protection, you are one Phish and MFA bypass away from a massive data breach which will have a disastrous impact financially, but more importantly, to the ebbing reputation of your brand. Sack your Product Manager and Information Security team and get a grip of this! -
Chris Wharton commented
Still waiting for such a basic security feature set in this day and age for businesses.
-
Tyson O'Connell commented
Xero we desperately need Single Sign On (SSO) capability for Xero access. It's unusual that you do not even have this on your agenda or in the works, based on the responses from your Xero Community Managers. I would have thought that 227 votes by June 2024 for security, not a product feature, would be at the top of your priority list.
We need Xero to implement Security Assertion Markup Language (SAML) Single Sign-On (SSO) capability.
It's a considerable security issue and risk not having this.
Xero customers should not be forced to consider alternatives to Xero as a result of security.
Please recognise that many businesses today require Identity and Access Management (IAM) solutions, such as Okta and other SSO providers.
Please reconsider your position on this. -
Rupert Davey commented
Xero is one of the most critical and least secure of the application in play at sme level. No Entra ID support in this day and age is frankly nonsense.
-
Chris Wilson commented
Why is this just about Azure. Just use standard SAML then any identity provider will work. We need JumpCloud
-
David Long commented
This is critical for IT security. It is very disappointing that Xero does not support this feature. SSO allows for automatic user offboarding, so there is no risk that an offboarded user still has access to Xero. It also allows Conditional Access to block the usage of Xero on unsecure personal laptops
-
Maurice Veliz commented
The Company I work for is looking for a new financial solution. I was going to recommend Xero, having used myself. However, as IT operations manager, one of my requirements is SSO and in particular Microsoft Azure.
I was surprised that Xero doesn't support AAD SSO and no commitment unless there are enough votes to consider.You are losing potential customers.
-
Joseph Kelly commented
I am shocked this is not a standard feature! To use SSO & automatic provisioning is a huge standard practise now. Please develop this!
-
Daniel Herr commented
Hi Xero, one big vote here from a cyber security firm using your service for 10 years now. He have Microsoft Entra ID SSO sign-in for every app except Xero. This is a compromise, having to have additional passwords out there. You are about to increase your pricing again, and I thought that something like this would have been implemented at the very least. It's been a long time already.... let's get up to speed, please.
-
Joel Mansford commented
Has this idea really been here for nearly 10years?
It beggars belief that on a system holding the most sensitive information a company has together with the ability to make payments etc this isn't already implemented.
Xero is quickly proving that it's only suitable for very small businesses and as soon as security is a concern you have to shop elsewhere for your accounting software. -
Vicky Albury commented
Will XERO only adopt industry standards AFTER their home grown security system has been compromised? Our CISO is asking for the same thing as everyone else - the ability to integrate with Azure should be mandatory, this is not a finance function and should be performed by a business with a track record in security
-
Martin Bannister commented
I dont think Xero care about security because if they did this would at least being worked on.
-
Kyle Bruin commented
Xero is behind the competition in not offering this. This is a very common feature and as others have said, weighs on our decision to continue to use Xero. The correct response Kelly should be the team has deemed this an urgent priority. Wild that Xero still thinks they need to gauge interest or collect votes for this. That reflects poorly on Xero's stance on security and their understanding of SaaS in general.
-
Daniela Kostovic commented
Just implemented Xero and looked into SSO and its not available. From a security and user perspective SSO is very important and should be available as a standard feature.
-
EMC I.T. Solutions commented
This is very long overdue and for an otherwise great product, this is a glaring weakness/deficiency. Most tech companies implemented SSO with major IDP solutions 4-5 years ago, if not longer.
-
Richard Crozier commented
Recall many only voting here because you previously closed the highly voted submission requesting generic third-party SSO years ago.
-
IT @SaatchiGallery commented
This idea comes from IT professionals and seems unimportant to their financial minds - sorted by the number of votes, it only goes to page 4!
It's such a shame XERO! You should be ashamed that you take IT security in such a derogatory and joking way, but I am sure it will come back to you - it's just a matter of time!.... disappointing!
-
Richard Over commented
I can not stress enough that in April 2024, the lack of SSO in Xero is a very large black mark against the continued use of the software.
On every RFP for my clients DDQ's, and I have to call out the lack of SSO in Xero.
-
Aimee white commented
I run my own business but also work for a large financial services company.
Our biggest security gap is no SSO on Xero.
If I can get my big company off Xero I will. Lazy not to have it.