The ADF Data Factory Xero connector runs successfully as a linked service for approx. 30 minutes, but then starts failing.
I am using the OAuth 2.0. config, and suspect it is to do with the refreshing of the token. Has anyone successfully used the ADF Xero connector with OAuth 2? If so, can you please provide some instruction on how?
I have followed the instructions at Xero for configuring OAuth 2 (links below), can confirm offline_access is scoped, and am obtaining the refresh token initially via Postman. I can also confirm that I am following the guidance at MS Docs (link below also).
Of particular interest is the statement at the MS Docs ADF Xero Connector page:
refreshToken | The OAuth 2.0 refresh token associated with the Xero application, used to refresh the access token when access token expires. Applicable for OAuth 2.0 authentication. Learn how to get the refresh token from this article.Refresh token will never expired. To get a refresh token, you must request the offline_access scope.Mark this field as a SecureString to store it securely in Data Factory, or reference a secret stored in Azure Key Vault.
The statement "Refresh token will never expired" appears to be incorrect, and at 30 minutes my token can no longer be utilised.
Example error is as follows:
"message": "ErrorCode=UserErrorFailedToConnectOdbcSource,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=ERROR [HY000] [Microsoft][Xero] (61) API Connection Failed. Bad Request. HTTP Response code: 400\r\nERROR [HY000] [Microsoft][Xero] (61) API Connection Failed. Bad Request. HTTP Response code: 400,Source=Microsoft.DataTransfer.Runtime.GenericOdbcConnectors,''Type=System.Data.Odbc.OdbcException,Message=ERROR [HY000] [Microsoft][Xero] (61) API Connection Failed. Bad Request. HTTP Response code: 400\r\nERROR [HY000] [Microsoft][Xero] (61) API Connection Failed. Bad Request. HTTP Response code: 400,Source=,'",
"target": "Copy Xero Projects",
Xero OAuth 2.0: https://developer.xero.com/documentation/oauth2/auth-flow#:~:text=Refreshing%20access%20tokens&text=Your%20app%20can%20refresh%20an,during%20the%20initial%20user%20authorization.&text=Each%20time%20you%20perform%20a,token%20returned%20in%20the%20response.
Data Factory Xero Connector: https://learn.microsoft.com/en-us/azure/data-factory/connector-xero
I have also noticed that you have opened a document feedback item as well. We have shared this with ADF team to enhance the document with necessary information.
Just sharing the GitHub issue here for reference: https://github.com/MicrosoftDocs/azure-docs/issues/63464
Hi @Sebastian ,
Just wanted to update you that we are still working with appropriate team to update the documentation accordingly to reflect this limitation with Xero connector.
Sorry the inconvenience and we appreciate your patience.
Thanks @KranthiPakala-MSFT .
As an FYI, I have a better understanding now of the issue. Essentially, the Refresh Token issued by Xero does expire 30 minutes after it is used for the first time (new Refresh Tokens are issued with subsequent requests), which the Xero connector doesn't seem to handle. So the Xero connector needs to be able to update the refresh token it has saved when subsequent requests are made, and persist this until the next OAuth challenge, then update it again.
I have been able to work around this issue by leveraging Oauth token generation + REST call, and reading/writing the refresh token via an Azure Logic App. Will share more about this pattern when I have ironed out some kinks.
I am running into the same issue. Is this a bug or just a limitation of the the connector?
Sign in to comment