With this morning’s release, some Add-on & API users have encountered an issue that has prevented some new connections being created and some existing connections from continuing to work.
The API team have been working on a resolution to this issue. In this particular case, simply going back to our previous release will not be sufficient as it would mean a large number of users would need to re-authenticate API connections. In order to correct this issue for everyone with minimal inconvenience, the Xero team are working on a resolution just as quickly as we can.
We will update this post as we have new information.
UPDATE (Monday 25th March, 12.49am GMT)
We have deployed a fix that will allow users to manually re-connect to the API to reinstate service. Work is ongoing to implement some additional fixes and root cause analysis is also ongoing, but this should allow users of Add-ons that need to get up and running right now, the ability to do so.
UPDATE (Monday 25th March, 03.26am GMT)
An additional fix has been released which should restore existing connections. We will be communicating with our Add-on partners on how to restore connectivity if it does not take place automatically. We will consider this issue as unresolved until we can confirm with our partners.
UPDATE (Monday 25th March, 04.17am GMT)
We have received reports from a number of developers that our work this afternoon has resolved the issue for them. While we are marking this issue as resolved, we will continue to assist Add-on partners and end users that need any assistance – please email email@example.com if you have any issues or questions.
We apologise for the inconvenience this has caused our customers and partners – we especially want to thank all our Add-on partners who have assisted in communicating with affected customers. Investigations into root cause continue and we will update the developer community when we have more to share on this.
Notes for developers
This only affects some applications and these will be using the Partner or Public API application type.
Resolution: Refreshing access tokens of sessions that are currently inactive should now provide a new access token which works correctly. This fix does require the previously issued access token and session handle to be presented. Other than ensuring that your application is attempting to refresh the access token, no other effort should be required.
Add-on partners can email firstname.lastname@example.org if they have any questions or need any assistance with resolving this issue.