Xero MCP Server: Connect Xero to Claude
Xero integrates with Claude via the Model Context Protocol (MCP), enabling Claude to read invoices, contacts, bank transactions, and account data directly from your Xero organisation. As of April 2026, no official Xero MCP server exists — community-built servers are available, and Lightning Ventures maintains a tested, production-hardened configuration. Setup takes approximately 2–4 hours for a developer, or 3 business days via our deployment service. Australian businesses should note that data is processed via a locally-run server, keeping Xero data within your own infrastructure.
Xero is the dominant accounting platform for Australian SMBs, used by over 1 million businesses. Connecting it to Claude via MCP transforms it from a data entry system into an active business intelligence layer — one your team can query in plain English without exporting spreadsheets or waiting for month-end reports.
What is Xero?
Xero is a cloud-based accounting platform widely adopted across Australia and New Zealand. It covers invoicing, bank reconciliation, payroll, expense claims, and financial reporting. Xero is the de facto accounting standard for Australian SMBs, accounting firms, and many mid-market businesses.
What is MCP and why does it matter for Xero users?
The Model Context Protocol (MCP) is an open standard created by Anthropic that defines how AI models connect to external tools and data sources. Where traditional integrations are point-to-point (a Zapier zap moves data from A to B on a fixed schedule), MCP is agent-native: Claude decides when to query Xero, what to ask for, and how to use the response — based on your natural language instructions.
For Xero users, this means you can ask Claude questions like:
- “Summarise our outstanding invoices over 30 days and draft a follow-up email for each client”
- “What was our gross margin last quarter compared to the same period last year?”
- “Which expense categories are trending up this month?”
And receive answers drawn directly from live Xero data — no exports, no manual lookups.
The key difference from other integration approaches: MCP maintains a persistent connection that Claude can query multiple times within a single conversation. Ask a follow-up, drill into a specific client, cross-reference with another data source — the context stays intact throughout.
Current state of Xero + Claude integration
As of April 2026, there is no official Xero MCP server. Xero has not announced one on their developer roadmap. Community-built servers exist on GitHub — the most maintained is the xero-mcp-server project — but most lack production-grade features: proper OAuth token refresh handling, rate limiting that respects Xero’s 60 req/min cap, structured error responses Claude can interpret, and monitoring.
Lightning Ventures maintains a tested fork with all of the above, plus Australian-specific endpoint coverage for GST, BAS-relevant tax types, and multi-currency support common in AU/NZ businesses.
How it works
The Xero + Claude integration runs on your own infrastructure via a locally-deployed MCP server. Lightning Ventures handles setup end-to-end: OAuth 2.0 configuration with the correct read-only scopes, token refresh handling, rate limiting to stay within Xero’s 60 req/min cap, monitoring, and an Australian Privacy Act compliance review. Once deployed, Claude has live access to your Xero data with no copy-paste, no exports, and no third-party system in the middle.
Typical deployment timeline is 3 business days for a standard read-only setup, or 2–3 weeks for a Custom Build with write-back workflows, multi-entity support, or payroll coverage.
Security and compliance considerations
Data flow: Your Xero data travels from Xero’s OAuth-secured servers → to your locally-run MCP server → to Claude’s context window within a single query. The MCP server does not store or cache Xero data between sessions.
OAuth scopes: Request only the scopes your use case requires. Read-only access is sufficient for reporting, summarisation, and analysis. Never grant write scopes unless you have a specific workflow that requires them — and if you do, implement approval gates before any write operation executes.
Australian Privacy Act (APP 8): The locally-hosted architecture means no overseas disclosure of Xero data occurs during normal MCP operation. Claude’s API calls do send query context (which may include financial figures and client names) to Anthropic’s US-based servers. If your Xero data contains personal information about Australian residents, review Anthropic’s data processing agreements against your Privacy Policy obligations. Lightning Ventures recommends data minimisation — only query the specific data fields needed for each use case.
Token storage: Store refresh tokens in environment variables or a secrets manager (AWS Secrets Manager, 1Password Secrets Automation). Never commit .env files or .xero-tokens.json to source control.
Network security: For production deployments, run the MCP server behind your firewall or on a private VPC. The server should not be publicly accessible on the internet.
Common use cases for Australian businesses
Common errors and fixes
Frequently asked questions
Does Xero have an official MCP server?
No. As of April 2026, Xero has not released an official MCP server and has not announced one on their developer roadmap. Community-built servers exist on GitHub, and Lightning Ventures maintains a tested, production-hardened configuration with proper OAuth handling, rate limiting, and monitoring.
Is connecting Xero to Claude compliant with the Australian Privacy Act?
When using the Lightning Ventures deployment, your Xero data is processed via a locally-run MCP server on your own infrastructure — it does not pass through any third-party systems beyond Xero's OAuth. This architecture is consistent with Australian Privacy Principle 8 (cross-border disclosure) requirements. Note that Claude's API calls send query context to Anthropic's servers — review Anthropic's data processing terms if your Xero data contains personal information about Australian residents.
Can the Xero MCP server write data back to Xero, or is it read-only?
Read-write is technically possible if your OAuth scopes include write permissions. Lightning Ventures recommends read-only scopes (accounting.transactions.read) for most deployments to minimise risk. Write access is available on the Custom Build tier with additional security controls.
What Xero data can Claude access via MCP?
With standard read scopes: invoices (draft, outstanding, paid), contacts, bank transactions, bank accounts, tax rates, and organisation settings. Payroll data requires separate Xero Payroll API scopes and is not included in the standard configuration.
Will this work with Xero's Australian accounting features like BAS?
Yes. The MCP server exposes Xero's full accounting API, including GST rates, tax types, and the reporting endpoints relevant to BAS preparation. Claude can read and summarise this data. Formal BAS lodgement must still go through a registered BAS agent.
How is MCP different from connecting Xero to Claude via Zapier?
Zapier connects Xero to Claude on fixed triggers — a new invoice creates a fixed action. MCP is agent-native: Claude decides when to query Xero, what to ask for, and how to combine multiple data points in a single response. MCP is better suited to open-ended queries and analytical workflows; Zapier is better suited to simple, repeatable automations.
Ready to use the Xero MCP?
Drop your details and we'll reach out to set up the Xero + Claude integration on your infrastructure. Typical turnaround: 3 business days.
Melbourne-based · Privacy Act compliant · 2–3 new MCP projects per month