
Account categories

/settings/categories lists every Xero account synced into Cash Runway, one per row, with the controls that tune how each account is treated by the forecast engine and the agentic API.

The page surfaces three orthogonal controls per row:

  • Burn / revenue inclusion — whether the account contributes to the burn or revenue baseline. Set via a dropdown; defaults follow Xero's account class.
  • P&L position — Revenue / COGS / OpEx / Off-P&L. Set via a dropdown; defaults follow Xero's account type.
  • Sensitive — a privacy flag that hides the account's name from API keys that lack the READ_SENSITIVE scope.

This page focuses on the Sensitive flag. The other two controls have their own guides linked at the bottom.

Sensitive accounts and contacts

The Sensitive column sits to the right of each account row. Two states:

  • — (muted dash) — the account is visible to every API key. Default for most accounts.
  • 🔒 Sensitive (amber badge) — the account is hidden from API keys that lack the READ_SENSITIVE scope. Their responses omit list rows entirely and rewrite the account name to "Sensitive account" in composite responses like /cash-position and /forecast.

Click the column to flip the flag.

Sensitive doesn't change YOUR view

The flag only affects API key consumers (AI agents, integrations). Operators signed in to the Cash Runway UI always see real account names.

How to mark an account sensitive

  1. Open Settings → Account categories.

  2. Find the account in the table (use the search if needed).

  3. Click the — (muted dash) in the Sensitive column.

  4. The first time you flag a row in a session, a confirmation dialog appears naming the account:

    Mark Director Loan as sensitive? Agents and team members without sensitive-data access won't see this account.

    Click OK. Subsequent flags in the same session skip the dialog.

  5. The badge flips to 🔒 Sensitive. Changes are saved immediately.

To un-flag, click the badge again. There is no confirmation — un-flagging is the reversible direction.

Auto-flagged accounts

Cash Runway auto-flags two classes of account on every Xero sync:

  • EQUITY-class accounts — owner equity, retained earnings, director loans.
  • Payroll-adjacent types: WAGES, WAGESPAYABLELIABILITY, SUPERANNUATIONLIABILITY, SUPERANNUATIONEXPENSE, PAYE, PAYG.

The auto-flag runs every sync, so a newly-added Wages account in Xero is flagged automatically on the next sync. The rule never overwrites an existing decision — once you un-flag an EQUITY account, future syncs respect that.
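The sync rule above needs to tell "never flagged" apart from "un-flagged by an operator", otherwise the next sync would re-flag the account. The following is an added example, not Cash Runway's own code, that models this with an assumed `decided` field; the store layout, function names, and the sample accounts are assumptions for illustration.

```python
# Model of the auto-flag rule: flag matching accounts on every sync,
# but never overwrite a decision an operator has already made.
AUTO_FLAG_CLASSES = {"EQUITY"}
AUTO_FLAG_TYPES = {"WAGES", "WAGESPAYABLELIABILITY", "SUPERANNUATIONLIABILITY",
                   "SUPERANNUATIONEXPENSE", "PAYE", "PAYG"}

def matches_auto_flag(account):
    """True when the account falls in one of the two auto-flagged groups."""
    return (account["class"] in AUTO_FLAG_CLASSES
            or account["type"] in AUTO_FLAG_TYPES)

def sync(store, xero_accounts):
    """Run the auto-flag over every synced account.

    store maps account id -> {"sensitive": bool, "decided": bool}.
    "decided" (assumed field) records that an operator set the flag by hand.
    """
    for acct in xero_accounts:
        row = store.setdefault(acct["id"], {"sensitive": False, "decided": False})
        # The rule only ever turns the flag on, and only for undecided rows.
        if not row["decided"] and matches_auto_flag(acct):
            row["sensitive"] = True
    return store

def operator_toggle(store, account_id):
    """Manual click on the Sensitive column: flip the flag and pin the decision."""
    row = store[account_id]
    row["sensitive"] = not row["sensitive"]
    row["decided"] = True
    return row["sensitive"]

# Constructed sample chart of accounts (ids, names and the non-payroll
# type/class values are made up for this example).
SAMPLE = [
    {"id": "a1", "name": "Director Loan", "class": "EQUITY", "type": "EQUITY"},
    {"id": "a2", "name": "Wages", "class": "EXPENSE", "type": "WAGES"},
    {"id": "a3", "name": "Sales", "class": "REVENUE", "type": "REVENUE"},
    {"id": "a4", "name": "GST Collected", "class": "LIABILITY", "type": "CURRLIAB"},
]
```

In this model the GST row stays un-flagged after a sync, and a manual flag on it survives later syncs because the toggle pins the decision.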

GST is intentionally NOT auto-flagged

The GST Collected and GST Paid auto-seeded rows are deliberately left un-flagged. GST is derivable from your sales totals, so hiding it adds zero security and high friction. You can flag them manually if you prefer.

Flagging contacts

Contacts (customers, suppliers) use the same badge, surfaced on /customers/[id] rather than on the categories page. There is no auto-flag for contacts — flag personal counterparties manually.

What happens on the API side

For every API key that lacks the READ_SENSITIVE scope:

| Endpoint | Effect |
| --- | --- |
| GET /api/agent/bank-accounts | Bank accounts whose underlying Xero account is flagged sensitive are omitted. redactedItemCount reports how many. |
| GET /api/agent/cash-position | Account rows in accounts[] keep their balances, but name becomes "Sensitive account". The cash-position total reconciles against the bank ledger. |
| GET /api/agent/forecast | Per-week account breakdowns mask the account name. Weekly inflow / outflow / closing and the overall startingCash / endingCash all reconcile — sensitive accounts contribute to the totals, only their names redact. |

Keys carrying READ_SENSITIVE see all names normally and get redactedItemCount: 0.

See API keys for how to grant the scope and how to audit which keys have used it.
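The two redaction behaviours described above (omit-and-count on list endpoints, mask-but-keep-balance on composite endpoints) can be modelled and checked as follows. This is an added example, not Cash Runway's implementation: only `READ_SENSITIVE`, `redactedItemCount`, `accounts`, `name` and the "Sensitive account" string come from this page, while `items`, `balance_cents`, `total_cents`, `sensitive` and the sample ledger are assumptions.

```python
import json

MASK = "Sensitive account"  # replacement name quoted on this page

# Constructed sample ledger; amounts are integer cents to keep sums exact.
LEDGER = [
    {"name": "Operating Account", "balance_cents": 1_250_000, "sensitive": False},
    {"name": "Director Loan", "balance_cents": 400_000, "sensitive": True},
    {"name": "Payroll Clearing", "balance_cents": 90_000, "sensitive": True},
]

def can_read_sensitive(scopes):
    return "READ_SENSITIVE" in scopes

def bank_accounts_view(ledger, scopes):
    """List endpoint: flagged rows are dropped and counted."""
    full = can_read_sensitive(scopes)
    items = [{"name": a["name"], "balance_cents": a["balance_cents"]}
             for a in ledger if full or not a["sensitive"]]
    return {"items": items, "redactedItemCount": len(ledger) - len(items)}

def cash_position_view(ledger, scopes):
    """Composite endpoint: every row stays, only flagged names are masked."""
    full = can_read_sensitive(scopes)
    rows = [{"name": a["name"] if full or not a["sensitive"] else MASK,
             "balance_cents": a["balance_cents"]} for a in ledger]
    # The total is computed over all rows, so it reconciles for every key.
    return {"accounts": rows, "total_cents": sum(r["balance_cents"] for r in rows)}

def leaked_names(response, ledger):
    """Flagged account names that appear anywhere in the serialized response."""
    body = json.dumps(response)
    return [a["name"] for a in ledger if a["sensitive"] and a["name"] in body]
```

Running `leaked_names` over responses fetched with a key that lacks the scope is a simple regression check for the redaction. Masked rows still carry their balances, so the names are hidden but the amounts are not.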

Burn / revenue inclusion

A separate control on the same row tells the forecast engine whether to include the account in the burn or revenue baseline. The default follows Xero's account class; you can force INCLUDE_IN_BURN, INCLUDE_IN_REVENUE, or EXCLUDE.

See the dashboard guide for how the burn / revenue baselines feed the cash projection.

P&L position override

A third control sets the account's P&L line independently of its Xero type — Revenue / COGS / OpEx / Off-P&L. Use this when Xero's account type doesn't match how you think about the account.

Accounts typed COGS here also feed the gross-profit reading. Gross profit derives cost-of-goods from the per-line P&L coding on Xero bill lines (accounts typed COGS / DIRECTCOSTS), not the bank-feed category descriptor — so flipping an account to COGS pulls its spend into the GP% on the dashboard panel, the customer LTV card, and the agent revenue-summary API.

  • API keys — issuing scoped keys, the READ_SENSITIVE toggle, and the Last sensitive access audit stamp.
  • Budget Tracker + Builder — how the forecast engine consumes account categories.

Released under a proprietary license.