Hello all,
This post is *applicable* only for users who have built applications or integrations using REST API and use Authtoken for authentication and authorization in their REST API client. This is *not applicable* for users using POP/ IMAP/ Active Sync email clients for accessing their accounts.
At Zoho, we have been supporting Authtoken based connections for REST API, which uses Authtokens for authentication. When using the Authtoken, the client application uses the username and password to generate an authtoken which the application passes with every request. This mode of authentication, makes it easier for hackers and attackers with the advanced tools and hacking methods to gain access to the user accounts and thereby misuse the account or involve in data theft. Hence we are deprecating support for Authtoken soon, to ensure that your data is secure and accessed via standard .
We have been actively supporting the modern and secure authentication methods based on
OAuth 2.0 for user authentication and authorization. OAuth 2.0 is more secure compared to authentication via Authtoken. Most of our users have already switched to OAuth 2.0 authentication and find it secure and easy to implement with their applications.
We will be deprecating support for authtokens from December 15, 2020. If your applications built using Zoho API, authenticate via Authtoken, you need to migrate your application to use Zoho OAuth 2.0 for authentication as early as possible. Refer the detailed steps to migrate your REST API based application in
this help page.
Feel free to write to our support team at support (at) zohomail (dot) com in case you need further assistance in this regard.
Thanks,
Ramya A