Kaizen #2 - OAuth2.0 and Self Client #API

Kaizen #2 - OAuth2.0 and Self Client #API

Hi everyone!

Welcome back to another week of Kaizen! 

In this post, we will shed some light on the OAuth2.0 protocol and how you can use Zoho's Self Client option to authenticate your application and generate the tokens.

What is OAuth2.0?
OAuth 2.0 is an industry standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.

Why should we use OAuth2.0?
  • Clients are not required to support password authentication or store user credentials.
  • Clients gain delegated access, i.e., access only to resources authenticated by the user.
  • Users can revoke client's delegated access anytime.
  • OAuth access tokens expire after a set time. If the client faces a security breach, user data will be compromised only until the access token is valid.

To use the Zoho CRM APIs, you must authenticate the application to make API calls on your behalf with an access token.

The access token, in return, must be obtained from a grant token (authorization code).

Zoho CRM APIs use the authorization code grant type to provide access to protected resources.
In this type,
  1. The web application redirects the user to the OAuth server.
  2. The user sees the authorization prompt and approves the app's request as shown in the below image.

  3. The user is redirected back to the application with an authorization code in the query string.

  4. The application exchanges the authorization code for an access token.
As you can see, this involves user intervention while authorizing your application.

When should you use Self Client?

If your application is a stand-alone application that performs only back-end jobs like data-sync(without any manual intervention), you cannot use this authorization code flow. 

In the below example image, the data sync happens between Zoho CRM and your legacy Product Management system. So, it is perfect to use the Self Client option as it does not need an UI for this type of application. Using this flow, you can generate the grant token, access, and refresh tokens.


How to use Self Client?
1. Go to Zoho Developer Console and log in with your Zoho CRM username and password.

2. Choose Self Client from the list of client types.


3. Click Create on the Create New Client page and click OK in the pop up to enable a self client for your account.

4. Now, your client ID and secret is displayed under the Client Secret tab.


5. Click the Generate Code tab to generate the Grant token.
The grant token is a temporary token generated by the authorization server (Zoho CRM, here) to generate access and refresh tokens.
Before generating the grant token, you must decide the scope you need. Scope decide the level of access a client can have to a resource.
Refer to our list of scopes, for more details.

a. Click the Generate Code tab and enter the required scope separated by commas.
b. Select the Time Duration for which the grant token is valid. Please note that after this time, the grant token expires.
c. Enter a description and click Generate.
d. The generated code for the specified scope is displayed. Copy the grant token.
e. Please note that generating grant token is a one-time process, provided you generate the access and refresh tokens within the time the grant token is valid for.

6. Generate the Access and Refresh tokens using Postman or any REST client.
a. Open Postman.
b. Make a POST request with the following URL.
"{{accounts-domain}}/oauth/v2/token"
{{accounts-domain}} is the domain-specific URL in which you registered your client.
c. Pass the below keys and their values in the body of the request.



d. Hit Send. The access and refresh tokens are displayed in the response.

 e. The access token is valid for an hour from generation. 
 f. The refresh token does not expire. You can use this to refresh your access token when they expire.

Quick tip: Enter all the required keys and values in Postman before you generate the token. This way, you will only have to paste the grant token after its generation, thereby reducing the risk of its expiration before you generate the tokens.

7. Store the access and refresh tokens and use the access token when you make API calls.

​8. Write a script that will call the below token refresh URL before the time the access token expires.
"{{accounts-domain}}/oauth/v2/token?client_id={{client_id}}&client_secret={[client_secret}}&refresh_token={{generated_refresh_token}}&grant_type=refresh_token"


Other useful links:
Bulk Read API to export data in bulk from CRM
Bulk Write API to import data from a database to CRM

We will meet you next week with another exciting topic!


Cheers!






    • Sticky Posts

    • Kaizen #198: Using Client Script for Custom Validation in Blueprint

      Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

    • Kaizen #226: Using ZRC in Client Script

      Hello everyone! Welcome to another week of Kaizen. In today's post, lets see what is ZRC (Zoho Request Client) and how we can use ZRC methods in Client Script to get inputs from a Salesperson and update the Lead status with a single button click. In this

    • Kaizen #222 - Client Script Support for Notes Related List

      Hello everyone! Welcome to another week of Kaizen. The final Kaizen post of the year 2025 is here! With the new Client Script support for the Notes Related List, you can validate, enrich, and manage notes across modules. In this post, we’ll explore how

    • Kaizen #217 - Actions APIs : Tasks

      Welcome to another week of Kaizen! In last week's post we discussed Email Notifications APIs which act as the link between your Workflow automations and you. We have discussed how Zylker Cloud Services uses Email Notifications API in their custom dashboard.

    • Kaizen #216 - Actions APIs : Email Notifications

      Welcome to another week of Kaizen! For the last three weeks, we have been discussing Zylker's workflows. We successfully updated a dormant workflow, built a new one from the ground up and more. But our work is not finished—these automated processes are

    • Recent Topics

    • Cannot connect to imap.zoho.eu on iOS26

      Hey, I recently migrated to another iPhone and since then use iOS26. Every since then, I was not able to connect to "imap.zoho.eu" from Apple Mail. I tried deleting the account and adding it again, did not work. I tried creating an app password, didn't

    • Personalize your booking pages with Custom CSS

      Greetings from the Zoho Bookings team! We’re introducing Custom CSS for Zoho Bookings, designed to give you complete control over the look and feel of your booking pages. With this new feature, you can upload your own CSS file to customize colors, fonts,

    • Marketer's Space: Plan smarter with Zoho Campaigns' Calendar

      Hello Marketers, Welcome to another post! Today, we'll talk about a discreet yet significant feature that's neatly tucked inside Zoho Campaigns: the calendar. It might look like an optional but somewhat unnecessary feature that you can use occasionally,

    • User

      If user is already part of manage engine endpoint central , what hapens when i try to add them to another Zoho org / directory? Are these users added as external users?

    • Create static subforms in Zoho CRM: streamline data entry with pre-defined values

      Last modified on (9 July, 2025): This feature was available in early access and is currently being rolled out to customers in phases. Currently available for users in the the AU, CA, and SA DCs. It will be enabled for the remaining DCs in the next couple

    • Outlook - Zoho CRM Calendar Integration

      I'm facing an issue integrating Outlook with Zoho CRM. Has anyone successfully connected their Outlook to Zoho, and are all your meetings and emails being captured correctly in the CRM? Any insights or troubleshooting tips would be appreciated

    • 【Zoho CRM】ポータル機能のアップデート

      ユーザーの皆さま、こんにちは。コミュニティチームの藤澤です。 今回は「Zoho CRM アップデート情報」の中から、ポータル機能のアップデートをご紹介します。 ポータル管理の新機能「自動招待」により、Zoho CRMからポータルへの招待を自動化できるようになりました。これまで必要だった、ユーザーごとの手動設定は不要になります。設定した条件に基づいて、対象ユーザーに自動で招待が送信されます。 ポータルの新機能 条件に基づく自動招待:指定した条件を満たすユーザーに、自動で招待を送信 招待設定:招待メールの言語を選択し、言語ごとに条件を設定可能

    • Contact data removes Account data when creating a quote

      Hi, Our customer has address fields in their quote layout which should be the address of the Account. They prefill the information, adding the account name - the address data is populated as per what is in the account - great. However when they then add

    • Export all of our manuals from Zoho Learn in one go

      Hi, I know there's a way to export manuals in Zoho Learn, but I want to export everything in one go so it won't take so long. I can't see a way to do this, can I get some assistance or is this a feature in the pipeline? Thanks, Hannah

    • Automation#31: Automate Splitting Names for New Contact Records

      Hello Everyone, This week, we present to you a custom function, which allows you to split the first and last names from the user's email ID based on the separator used in the ID. Having grown into a large firm, Zylker Techfix aims to optimize its processes,

    • Automatically remove commas

      Team, Please be consistent in Zoho Books. In Payments, you have commas here: But when we copy and paste the amount in the Payments Made field, it does not accept it because the default setting is no commas. Please have Zoho Books remove commas autom

    • Project Change Orders and Additions

      We are in the process of migrating from QuickBooks Online to Zoho Books. We have Zoho One and like the ability to sync all of our data across everything. And I like that projects work in a way that's less dumb than QuickBooks. I'm trying to figure out

    • ZOHO Desk - Description of slave ticket disappeared after Merge

      Dear Support, On Zoho Desk the description of a ticket disappeared after merging two ticket. The one which was the slave one completely disappeared. The problem that in this description there was an image which i had only on Desk in that ticket. Could

    • How do I insert a cross-reference link to a different section within one Knowledge Base article using Zoho Desk?

      I would like to insert a link within a Knowledge Base article to a different section of that same article. The section I want to link to is formatted with the Heading 3 style and is displayed within my TOC. However, I do not see any way to add a link

    • Problem Adding Facebook Account

      Hi, I'm new here, I'm having trouble setting up my Facebook account as a social channel. I think the issue is down to how my Facebook is set up, which is pretty confusing. I have a personal Facebook account (let’s called it A) which is my main Facebook

    • Zoho Desk Teams App is not loading

      Hi Zoho Desk support. Need an assistance on the Zoho Desk Teams app. Once I click View Ticket, it isn't showing anything. Kindly refer to attached: ZohoDesk Teams App_View Ticket Error.jpg For our Dashboard, we are still experiencing the same issue. Kindly

    • Zoho People - Retrieve the Leave Details - get("LeaveCount")

      Hi, Zoho People I need to collect all of an employee's leave requests for the calendar year and check how many half-days they have taken. If I run the script on the query he just modified, I can retrieve the information related to that query and use the

    • Mapping a new Ticket in Zoho Desk to an Account or Deal in Zoho CRM manually

      Is there any way for me to map an existing ticket in Zoho desk to an account or Deal within Zoho CRM? Sometimes people use different email to put in a ticket than the one that we have in the CRM, but it's still the same person. We would like to be able

    • Which WhatsApp API works seamlessly with Zoho CRM?

      I’m exploring WhatsApp API solutions that integrate seamlessly with Zoho CRM for customer communication, lead nurturing, and automation. I would love to hear insights from those who have successfully implemented WhatsApp within Zoho CRM. My Requirements:

    • Allow people to sign a zoho form by using esign or scanned signature

      Allow people to sign a zoho form by using esign or scanned signature

    • Button to Reapply Filters on Sheet(s)

      I wrote a macro that I attached to a button to reapply the filters on all my sheets and it says it works, but it doesn't actually do anything. What is wrong with it? Is there another way? Or even make it work for one sheet? Sub UniversalFilterRefresh()

    • Integrate Multiple ZohoBooks organization with zoho projects

      We have successfully connected our Zoho Books with Zoho Projects for synronizing timesheet data. Our Business specialty is, that the staff of the Main company (A) is working on several projects, but the Clients are sometimes contracted and paying to a

    • Zoho OAuth Connector Deprecation and Its Impact on Zoho Desk

      Hello everyone, Zoho believes in continuously refining its integrations to uphold the highest standards of security, reliability, and compliance. As part of this ongoing improvement, the Zoho OAuth default connector will be deprecated for all Zoho services

    • How do I add todays date to merge field

      I don't see any selection of todays date when creating a letter. Surely the date option of printing is standard? John

    • Tracking Emails sent through Outlook

      All of our sales team have their Outlook 365 accounts setup with IMAP integration. We're trying to track their email activity that occurs outside the CRM. I can see the email exchanges between the sales people and the clients in the contact module. But

    • Whats that

      Price?

    • The same Contact associated to multiple Companies - Deals

      Hi, I would like to know if there is an option to associate the same contact with multiple companies (two or more) deals, using the same contact details for all. This is because we have contacts who are linked to different companies or branches of the

    • Portals-Adjust Column Sizes

      I am trying to adjust the column widths in Portals tabs. Columns that don't need to be wide are wide and longer ones are very short. I thought adding more to the digits box in Edit would widen them, but it doesn't. Anyone know how to adjust these?

    • Add link/button to open approved record from approval list and detail views?

      Hi, How do I allow users to click on an approval record and open that submission? For example, userA submits a quotation then userB approves/rejects. They both can see the quotation on "completed task" list & detail views, but there's no way for them

    • record submitted from creator and invoice is creating in books , but the workflow of books is not tiggering on create of record in books

      record submitted from creator and invoice is creating in books , but the workflow of books is not tiggering on create of record in books headermap = Map(); headermap.put("X-ZOHO-Execute-CustomFunction","true"); response_inv = invokeurl [ url :"https://www.zohoapis.com/books/v3/invoices/fromsalesorder?salesorder_id="

    • Prevent editing of a record after getting approved/rejectedr

      Hi, I'd like to block any user from editing a record after it was approved or rejected, how can I do that?

    • Formula Field/Campo de Fórmula

      Hello everyone, I have a purchase requisition form in which each department submits a request, and the request is automatically routed to the person responsible for that department. In this form, I have several fields with the following link names: Quantidade1,

    • Formatting Problem | Export to Zoho Sheet View

      When I export data to Zoho Sheet View, ID columns are automatically formatted as scientific notation. Reformatting them to text changes the actual ID values. For example, 6557000335603071 becomes 6557000335603070. I have attached screenshots showing this

    • Feature Request - The Ability to Link A Customer with a Vendor

      Hi Finance Suite Team, Many businesses buy and sell products from the same companies or individuals. For example, a car sales business may buy a car from a member of the public, and that member of the public may also buy a new car from us. This makes

    • Long table name (sync from Zoho Creator)

      Dears, How can I remove the suffix in parentheses? These tables are synced from Zoho Creator and are treated as system tables, so their names cannot be changed. This issue makes the aggregation formulas look awful.

    • [Free Webinar] Learning Table Series - Streamlining incident management process with Zoho Creator

      Hello everyone, We’re excited to invite you to another edition of the Learning Table Series webinar. As you may already know, we've moved to a purpose-based approach in the Learning Table Series this year. Each session now focuses on how a Zoho Creator

    • Unattended - Silent

      How can I hide the tray icon / pop up window during unattended remote access for silent unattended remote access?

    • Importing into Multiselect Picklist

      Hi, We just completed a trade show and one of the bits of information we collect is tool style. The application supplied by the show set this up as individual questions. For example, if the customer used Thick Turret and Trumpf style but not Thin Turret,

    • Text snippet

      There is a nice feature in Zoho Desk called Text Snippet. It allows you to insert a bit of text anywhere in a reply that you are typing. That would be nice to have that option in Zoho CRM as well when we compose an email. Moderation Update: We agree that

    • Marketing Tip #18: Make your online store mobile-friendly to improve traffic

      Most online shoppers browse on their phones first. If your store is hard to read, slow to load, or tricky to navigate on mobile, they’ll bounce fast. A mobile-friendly store doesn’t just look nice; it improves engagement, reduces drop-offs, and helps

    • Next Page