Bug: OAuth 2.0 State Parameter fails with Pipe Delimiters (RFC 6749 Non-Compliance)

https://accounts.zoho.com/oauth/v2/auth?response_type=code
    &client_id=<client_id>
    &scope=<scope>
    &redirect_uri=<redirect_uri>
    &access_type=offline
    &state=<state_value>

// Instead of using pipes as delimiters:
state = csrf_token + "|" + user_id + "|" + redirect_path;
// ❌ This breaks Zoho's authorization flow

// Developers must use alternative approaches:
state = csrf_token + "_SEP_" + user_id + "_SEP_" + redirect_path;
// or
state = base64_encode(json_encode({"csrf": token, "user": id, "path": path}));
// or
state = csrf_token; // Store other data server-side keyed by CSRF token

• Topic Participants

• Damien Cregan

  

• Sticky Posts

• Deprecation of SMS-based multi-factor authentication (MFA) mode

  Overview of SMS-based OTP MFA mode The SMS-based OTP MFA method involves the delivery of a one-time password to a user's mobile phone via SMS. The user receives the OTP on their mobile phone and enters it to sign into their account. SMS-based OTPs offer

• Recent Topics

• Boost your Zoho Desk's performance by archiving tickets!

  The longer your help desk operations are, the more likely it is to accumulate tickets that are no longer relevant. For example, ticket records from a year ago are typically less relevant than currently open tickets. Such old tickets may eventually lead

• Collapsing and expanding of lists and paragraphs

  hello Would you ever implement Collapsing and expanding of lists and paragraphs in zoho writer ? Best regards

• New Custom View -Sorting the Custom fields

  While creating a New Custom View in invoice , Customers, Bills ,expense etc , the sorting of custom fields are not available , a query function "order by / sort by  " may also be included in  Define new criteria module  which will be more beneficial to

• Make CAMPAIGNS email look as simple as possible

  Hi there I'm trying to make my Campaigns email look as much like a normal email as possible. I'm a bit stuck with the "justification" of the email email block. Can I LEFT JUSTIFY the "whole email" to make it look "normal"? (Please see screenshot attached)

• [Webinar] Top 10 Most Used Zoho Analytics Features in 2025

  Zoho Analytics has evolved significantly over the past year. Discover the most widely adopted features in Zoho Analytics in 2025, based on real customer usage patterns, best practices, and high-impact use cases. Learn how leading teams are turning data

• Sorry! we encountered some problems while sending your campaign. It will be sent automatically once we are ready. We apologize for the delay caused.

  Hello. Lately we are having problems with some campaigns, which show us this error message. Sorry! we encountered some problems while sending your campaign. It will be sent automatically once we are ready. We apologize for the delay caused. We can't find

• Can I remove or divert certain contacts from an active Campaigns workflow?

  I have created a workflow in Zoho Campaigns, which sends different emails, once contacts have been added to a mailing list. To choose which email to send to the contacts, there are conditions, which divert contacts based on their company type and their company size. There was a subsection of this workflow, where company size wasn't selected correctly, and some contacts have been sent down the wrong path and received the wrong email. The workflow contains a reminder loop and a further series of emails.

• How to map fields from Zoho Recruit to Zoho People

  I've got these fields from my Job Offer that I'm trying to map to the Work information fields in Zoho People, but they arent showing up. For example, how do I get the department name field (in the job post) to map to the work information field in Zoho

• UTM in zoho campaigns

  Helloo everybody!!! Someone know how IF ZOHO CAMPAIGNS has UTM for tracking the url of any campaigns. thank u

• Full Context of Zoho CRM Records for Zia in Zoho Desk for efficient AI Usage

  Hello everyone, I have a question regarding the use of Zia in Zoho Desk in combination with CRM data. Is it possible to automatically feed the complete context of a CRM record into Zia, so that it can generate automated and highly accurate responses for

• Knowledge base printing

  I saw a posting about printing the knowledge base as I was looking for the answer, but we would like the ability to print out the entire knowledge base with a click, keeping the same organization format.   Bonus would include an index of keywords and

• Search not working!

  I have items in my notebook tagged but when I search for a tag nothing comes up! Any fix for this?

• Zoho Books | Product updates | January 2026

  Hello users, We’ve rolled out new features and enhancements in Zoho Books. From e-filing Form 1099 directly with the IRS to corporation tax support, explore the updates designed to enhance your bookkeeping experience. E-File Form 1099 Directly With the

• Updates for Zoho Campaigns: Merge tag, footer, and autoresponder migration

  Hello everyone, We'd like to inform you of some upcoming changes with regard to Zoho Campaigns. We understand that change can be difficult, but we're dedicated to ensuring a smooth transition while keeping you all informed and engaged throughout the process.

• File Upload field not showing in workflow

  Hi, I have added a field on Zoho CRM. I want to use it in a workflow where that particular field is updated based on another field, however it is not showing up in the field list to select it in the workflow. Why is this please?

• Drag 'n' Drop Fields to a Sub-Form and "Move Field To" Option

  Hi, I would like to be able to move fields from the Main Page to a Sub-Form or from a Sub-Form to either the Main Page or another Sub-Form. Today if you change the design you have to delete and recreate every field, not just move them. Would be nice to

• Sharing my portal URL with clients outside the project

  Hi I need help making my project public for anyone to check on my task. I'm a freelance artist and I use trello to keep track on my client's projects however I wanted to do an upgrade. Went on here and so far I'm loving it. However, I'm having an issue sharing my url to those to see progress. They said they needed an account to access my project. How do I fix this? Without them needing an account.

• How do i integrate google analytics to Zoho Campaigns?

  Looking to track Zoho Traffic from email Current topic is outdated

• How do teams manage meeting follow-ups across Zoho tools?

  We’re using Zoho tools for collaboration and tracking, but managing meeting notes, action items, and follow-ups across teams is still challenging. Curious how others are handling this within Zoho workflows. Are there best practices or integrations that

• Customize Colors used on graphs and charts according to users desire.

  It would be great if we could customize the graph's colors as we see fit. I hate that yellow is always the default color!

• Let us view and export the full price books data from CRM

  I quote out of CRM, some of my clients have specialised pricing for specific products - therefore we use Price Books to manage these special prices. I can only see the breakdown of the products listed in the price book and the specialised pricing for

• Mejoras urgentes para ZOHO MEETING

  Tengo unos meses usando Zoho Meeting. En general, es buena, pero hay cosas vitales que no logra cumplir con mínima calidad. 1) Calidad de audio y video: urge mejoras. Audio con retraso, imagen borrosa, mal recorte de silueta con fondos virtuales. Además,

• Multiple header in the quote table???

  Hello, Is it possible in Zoho CRM to add multiple headers or sections within the Quote product table, so that when the quote is printed it shows separate sections (for example “Products” and “Services”)? To clarify, I’m asking because: This does not appear

• Saving sent email campaign as PDF

  I'm looking to add all campaigns sent to an archive folder in sharepoint. Is there anyway to accomplish this in Zoho Flow ? I'm falling at the first hurdle ... can I automatically save a sent campaign as a PDF to a folder location ?

• Exporting All Custom Functions in ZohoCRM

  Hello, All I've been looking for a way to keep about 30 functions that I have written in Zoho CRM updated in my own repository to use elsewhere in other instances. A github integration would be great, but a way to export all custom functions or any way

• How can Data Enrichment be automatically triggered when a new Lead is created in Zoho CRM?

  Hi, I have a pipeline where a Lead is created automatically through the Zoho API and I've been trying to look for a way to automatically apply Data Enrichment on this created lead. 1) I did not find any way to do this through the Zoho API; it seems like

• Conditional Layouts On Multi Select Field

  How we can use Conditional Layouts On Multi Select Field field? Please help.

• Appreciation to Qntrl Support Team

  We are writing this topic to appreciate the outstanding level of support from Qntrl Team. We have been using Qntrl since 2022 after shifting from another similar platform. Since we joined Qntrl, the team has shown a high level of professionalism, support,

• How can I hide "My Requests" and "Marketplace" icon from the side menu

  Hello everybody, We recently started using the new Zoho CRM for Everyone. How can I hide "My Requests" and "Marketplace" from the side menu? We don't use these features at the moment, and I couldn't find a way to disable or remove them. Best regards,

• Whatsapp Integration on Zoho Campaign

  Team: Can the messages from Zoho Campaign delivered through Whatsapp... now customers no longer are active on email, but the entire campaign module is email based.... when will it be available on whatsapp.... are there any thirdparty providers who can

• Mandatory Field - but only at conversion

  Hello! We use Zoho CRM and there are times where the "Lead Created Date & Time" field isn't populated into a "Contractor" (Account is the default phrase i believe). Most of my lead tracking is based on reading the Lead Created field above, so it's important

• Different Task Layouts for Subtasks

  I was wondering how it would be possible for a subtask to have a different task layout to the parent task.

• Enable Free External Collaboration on Notecards in Zoho Notebook

  Hi Zoho Notebook Team, I would like to suggest a feature enhancement regarding external collaboration in Zoho Notebook. Currently, we can share notes with external users, and they are able to view the content without any issue. However, when these external

• Using data fields in Zoho Show presentations to extract key numbers from Zia insights based on a report created

  Is it possible to use data fields in Zoho Show presentations along with Zoho Analytics to extract key numbers from Zia insights based on a report created? For example, using this text below: (note that the numbers in bold would be from Zia Insights) Revenue

• Free webinar: AI-powered agreement management with Zoho Sign

  Hi there! Does preparing an agreement feel like more work than actually signing it? You're definitely not alone. Between drafting the document, managing revisions, securing internal approvals, and rereading clauses to make sure everything still reflects

• WhatsApp Channels in Zoho Campaigns

  Now that Meta has opened WhatsApp Channels globally, will you add it to Zoho Campaigns? It's another top channel for marketing communications as email and SMS. Thanks.

• CRM For Everyone - Bring Back Settings Tile View

  I've been using CRM for Everyone since it was in early access and I just can't stand the single list settings menu down the left-hand side. It takes so much longer to find the setting I need. Please give users the option to make the old sytle tile view

• Lets have Dynamics 365 integration with Zohobooks

  Lets have Dynamics 365 integration with Zohobooks

• Add notes in spreadsheet view

  It would be great if we could Add/edit notes in the spreadsheet view of contacts/leads. This would enable my sales teams to greatly increase their number of calls. Also viewing the most recent note in the Contact module would also be helpful.

• Opening balances - Accounts Receivable and Payable

  Our accounting year starts on 1st August 2013 and I have a Trial Balance as at that date, including Accounts Receivableand Accounts Payable balances, broken down by each customer and supplier. Q1 - do I show my opening balance date as 31st July 2013 or

• Next Page