ml-connector
XeroMailchimp

Xero and Mailchimp integration

Xero runs your accounting and customer records. Mailchimp runs your email marketing and audience management. Connecting the two keeps your customer mailing list synchronized with your active accounts in Xero, avoids sending to stale email addresses, and tracks which orders and customers from Xero have engaged with your campaigns. ml-connector handles the very different authentication models on each side and moves contact and order data on a schedule you control.

How Xero works

Xero exposes contacts, invoices, purchase orders, payments, accounts, items, tracking categories, bank transactions, and credit notes through the Xero Accounting API, a REST endpoint served at https://api.xero.com/api.xro/2.0/ returning JSON or XML responses. All requests require an Xero-tenant-id header to target a specific organization. Xero authenticates with OAuth2 Authorization Code flow, issuing 30-minute access tokens and 60-day refresh tokens with offline_access scope. Xero publishes webhooks for Contact, Invoice, CreditNote, Payment, ManualJournal, PurchaseOrder, and BankTransaction events, but webhook payloads contain only resource metadata and require a follow-up GET to fetch the full record. Xero rate-limits at 5 concurrent calls and 60 per minute per tenant.

How Mailchimp works

Mailchimp exposes audiences (called lists), list members, e-commerce customers, e-commerce orders, campaigns, and reports through the Mailchimp Marketing API v3.0, served at https://{dc}.api.mailchimp.com/3.0/ where {dc} is extracted from the API key. Mailchimp authenticates with HTTP Basic Auth using an API key or OAuth2, and API keys do not expire. Mailchimp publishes webhooks for subscribe, unsubscribe, profile changes, and campaign events on lists, but the Marketing API webhooks have no cryptographic signature verification and rely on HTTPS and secret URLs for security. Mailchimp e-commerce records support financial status tracking (paid, pending, refunded) but Mailchimp itself has no GL accounts, invoices, or vendor records, as it is not an ERP system.

What moves between them

Contacts move from Xero into Mailchimp lists. When a contact is created or updated in Xero, ml-connector fetches the full record and syncs the email address, name, and tracking fields into a designated Mailchimp list. When a contact email changes in Xero, ml-connector updates the matching member in Mailchimp or re-subscribes if the address was previously removed. Optionally, sales invoices from Xero can sync into Mailchimp e-commerce orders to track which customers have purchased and which have received follow-up campaigns. Updates flow one direction only: Xero to Mailchimp.

How ml-connector handles it

ml-connector stores the Xero OAuth2 credentials and uses the refresh token to obtain new access tokens every 30 minutes before expiry. It validates the Xero-tenant-id header per customer and verifies incoming Xero webhook signatures using the separate signing key obtained from the Xero Developer portal. When a contact webhook arrives, ml-connector fetches the full Xero contact record and upserts it into the Mailchimp list by email address. For Mailchimp, ml-connector extracts the data center prefix from the API key, constructs the correct regional endpoint URL, and authenticates with HTTP Basic Auth on every call. Because Xero webhooks contain metadata only, ml-connector follows every webhook with a GET to fetch the complete record before mapping into Mailchimp. For e-commerce orders, ml-connector maps Xero invoice line-item amounts to Mailchimp order financial status and tracks the order total with the Xero invoice date. Mailchimp has no webhook signature verification for the Marketing API, so ml-connector relies on HTTPS and secret webhook URLs for security. Every sync carries a full audit trail and can be replayed if a downstream call fails.

A real-world example

A small consulting firm uses Xero for accounting and tracks client invoices alongside contact information. They market to current and past clients using Mailchimp email campaigns. Before the integration, the sales team manually exported the Xero client list to a CSV every few months and re-imported it into Mailchimp, leading to duplicate subscribers, stale email addresses, and missed unsubscribe requests. With Xero and Mailchimp connected, each new client added to Xero automatically appears in the Mailchimp audience within minutes, email address changes in Xero sync back to Mailchimp so campaigns reach the right address, and unsubscribes in Mailchimp can be surfaced back to the sales team. The manual export-import cycle is gone, and the Mailchimp audience is always fresh.

What you can do

  • Sync Xero contacts into Mailchimp lists automatically, mapped by email address with name and organization fields.
  • Update Mailchimp list members when a contact email, name, or status changes in Xero.
  • Resolve the Mailchimp data center prefix from the API key and route calls to the correct regional endpoint.
  • Bridge Xero OAuth2 authentication and Mailchimp API key authentication without exposing secrets.
  • Track Xero sales invoices as e-commerce orders in Mailchimp with financial status and order totals.

Questions

Which direction does data move between Xero and Mailchimp?
Contacts and orders move from Xero into Mailchimp. When a contact is created, updated, or its email changes in Xero, ml-connector syncs that contact into the Mailchimp list. Updates flow one direction only; Mailchimp unsubscribes and list edits do not flow back to Xero.
How does ml-connector handle Xero's webhook metadata-only payloads?
Xero webhooks contain only the resource ID and event type, not the full record. ml-connector follows every webhook with a GET request to fetch the complete contact or invoice record before syncing into Mailchimp. This ensures all required fields (email, name, address) are included in the sync.
How does ml-connector authenticate to Xero and Mailchimp?
For Xero, ml-connector stores the OAuth2 client credentials and uses the refresh token to obtain new access tokens automatically before the 30-minute expiry. For Mailchimp, ml-connector uses HTTP Basic Auth with the API key and extracts the data center prefix from the key to route calls to the correct endpoint. Both credential sets are encrypted and stored per customer.

Related integrations

More Xero integrations

Xero and Adobe CommerceXero and ADPXero and AdyenXero and AirbaseXero and Amazon Seller CentralXero and AnaplanXero and SAP AribaXero and AsanaXero and AvalaraXero and AvidXchangeXero and BambooHRXero and Basware

Other systems that connect to Mailchimp

Acumatica and MailchimpDATEV and MailchimpDeltek and MailchimpMicrosoft Dynamics 365 Business Central and MailchimpMicrosoft Dynamics 365 F&O and MailchimpMicrosoft Dynamics GP and MailchimpMicrosoft Dynamics NAV and MailchimpEpicor Kinetic and MailchimpExact Online and MailchimpFreshBooks and MailchimpIFS Cloud and MailchimpInfor CloudSuite and Mailchimp

Connect Xero and Mailchimp

Free to use. Add your credentials, ping your real systems, and see if we fit.

Get started