Kaizen #2 - OAuth2.0 and Self Client #API
Hi everyone!
Welcome back to another week of Kaizen!
In this post, we will shed some light on the OAuth2.0 protocol and how you can use Zoho's Self Client option to authenticate your application and generate the tokens.
What is OAuth2.0?
OAuth 2.0 is an industry standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.
Why should we use OAuth2.0?
- Clients are not required to support password authentication or store user credentials.
- Clients gain delegated access, i.e., access only to resources authenticated by the user.
- Users can revoke client's delegated access anytime.
- OAuth access tokens expire after a set time. If the client faces a security breach, user data will be compromised only until the access token is valid.
To use the Zoho CRM APIs, you must authenticate the application to make API calls on your behalf with an access token.
The access token, in return, must be obtained from a grant token (authorization code).
Zoho CRM APIs use the authorization code grant type to provide access to protected resources.
In this type,
- The web application redirects the user to the OAuth server.
- The user sees the authorization prompt and approves the app's request as shown in the below image.
- The user is redirected back to the application with an authorization code in the query string.
- The application exchanges the authorization code for an access token.
As you can see, this involves user intervention while authorizing your application.
When should you use Self Client?
If your application is a stand-alone application that performs only back-end jobs like data-sync(without any manual intervention), you cannot use this authorization code flow.
In the below example image, the data sync happens between Zoho CRM and your legacy Product Management system. So, it is perfect to use the Self Client option as it does not need an UI for this type of application. Using this flow, you can generate the grant token, access, and refresh tokens.
How to use Self Client?
2. Choose Self Client from the list of client types.
3. Click Create on the Create New Client page and click OK in the pop up to enable a self client for your account.
4. Now, your client ID and secret is displayed under the Client Secret tab.
5. Click the Generate Code tab to generate the Grant token.
The grant token is a temporary token generated by the authorization server (Zoho CRM, here) to generate access and refresh tokens.Before generating the grant token, you must decide the scope you need. Scope decide the level of access a client can have to a resource.
Refer to our list of scopes, for more details.a. Click the Generate Code tab and enter the required scope separated by commas.
b. Select the Time Duration for which the grant token is valid. Please note that after this time, the grant token expires.c. Enter a description and click Generate.d. The generated code for the specified scope is displayed. Copy the grant token.e. Please note that generating grant token is a one-time process, provided you generate the access and refresh tokens within the time the grant token is valid for.
6. Generate the Access and Refresh tokens using Postman or any REST client.
a. Open Postman."{{accounts-domain}}/oauth/v2/token"{{accounts-domain}} is the domain-specific URL in which you registered your client.c. Pass the below keys and their values in the body of the request.
d. Hit Send. The access and refresh tokens are displayed in the response.
e. The access token is valid for an hour from generation.
f. The refresh token does not expire. You can use this to refresh your access token when they expire.
Quick tip: Enter all the required keys and values in Postman before you generate the token. This way, you will only have to paste the grant token after its generation, thereby reducing the risk of its expiration before you generate the tokens.
7. Store the access and refresh tokens and use the access token when you make API calls.
8. Write a script that will call the below token refresh URL before the time the access token expires.
"{{accounts-domain}}/oauth/v2/token?client_id={{client_id}}&client_secret={[client_secret}}&refresh_token={{generated_refresh_token}}&grant_type=refresh_token"
Other useful links:
We will meet you next week with another exciting topic!
Cheers!
Topic Participants
Shylaja S
alexb
Praveen Sankar
Vyas
martin wheeler
Sticky Posts
Kaizen #217 - Actions APIs : Tasks
Welcome to another week of Kaizen! In last week's post we discussed Email Notifications APIs which act as the link between your Workflow automations and you. We have discussed how Zylker Cloud Services uses Email Notifications API in their custom dashboard.Kaizen #216 - Actions APIs : Email Notifications
Welcome to another week of Kaizen! For the last three weeks, we have been discussing Zylker's workflows. We successfully updated a dormant workflow, built a new one from the ground up and more. But our work is not finished—these automated processes areKaizen #152 - Client Script Support for the new Canvas Record Forms
Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achievedKaizen #142: How to Navigate to Another Page in Zoho CRM using Client Script
Hello everyone! Welcome back to another exciting Kaizen post. In this post, let us see how you can you navigate to different Pages using Client Script. In this Kaizen post, Need to Navigate to different Pages Client Script ZDKs related to navigation A.Kaizen #210 - Answering your Questions | Event Management System using ZDK CLI
Hello Everyone, Welcome back to yet another post in the Kaizen Series! As you already may know, for the Kaizen #200 milestone, we asked for your feedback and many of you suggested topics for us to discuss. We have been writing on these topics over the
Recent Topics
Don't understand why Forms Mobile Scan and Fill not working
I have configure enabled mobile scan and fill, I have enabled QR and Bar code on two fields name and position, I have mapped seq 1 to Name and seq 2 to position, I have created a 2d QR code with the person names and position, seperated by a comma. WhenRecurring Supervisor Rule Reminders for Open/In-Progress Tickets
Hello Zoho Support Team, I would like to suggest a potential improvement regarding reminders for tickets and activities in Zoho Desk. Currently, it is possible to set reminders only once. In the Supervisor Rules section, it is possible to configure remindersTemplate usage
Hi, We are using some templates as a response to customer questions. Is it possible to analyze the usage of these templates? We want to know if the use of our templates has increased over timeTicket Status Colors
Can i change the colors of Ticket Status in the admin panel? Or even change the background of the entire cell of a Critical ticket? This way its easy for my agents to see a urgent ticket when it comes in. Right now everything is black text. Here RightSync Lookup Fields from Zoho CRM
HI Team, I have synced a lookup field from my CRM data to Campaigns. When I view the synced data the field appears to display a Zoho CRM record ID rather than the text value. Is it possible to get the sync to import the text value rather than the CRMNew From Address cannot verify
I have created a new From Address, which is the support@ address for my domain, that forwards to the default support mailbox. Presumably then, the verification email that is sent, should turn up as a ticket, but it does not. How can I verify my from address so that I can use my own domain?issue with image thumbnails not showing in Image Selector
We have been using Zoho Campaigns for over a year, maybe close to two years, and this issue just started happening in the last month. I wanted to wait to see if it would resolve on it's own, and it doesn't seem to be. The thumbnail images for all newDeluge Script for adding tag
Trying to create a custom function where a tag is added to a record - but for the life of me, I cannot figure out how. Help please! Moderation Update: Adding the help doc and sample to add Tags to records via deluge here for everyone's benefit. tag1 =Unlock your Zoho Vault with OneAuth, Windows Hello, TouchID, YubiKey, and many more!
Hello everyone, We are thrilled to introduce one of the most highly requested features – the ability to unlock your Zoho Vault using various authenticators. The primary purpose of a password manager is to remember just one master password and securelyCreator roadmap for the rest of 2022
Hi everyone, Hope you're all good! Thanks for continuing to make this community engaging and informative. Today we'd like to share with you our plans for the near future of Creator. We always strive to strike a good balance of features and enhancementsHow can I get base64 string from filecontent in widget
Hi, I have a react js widget which has the signature pad. Now, I am saving the signature in signature field in zoho creator form. If I open the edit report record in widget then I want to display the Signature back in signature field. I am using readFileAdd Setting Values to the Rules
Hi, It would be great to use the rules to set values in fields for submission, such as if a Type is X then set the Field Y to 10. Thanks DanSo we ran with it for the week
In our company i bit the bullet and ran with FSM for a whole week. Service calls, deliveries and surveys. Covering about 30-120 miles a day to domestic properties. Loved the appointment list and satnav integration. Loved the timer to measure the appointments.Is there a way to set Document Owner/Sender via the API
When sending requests for zoho sign, it would seem zoho uses the id of the person that created the zoho api cred to determine the owner_id, is there a way to set a default for this?What's New - September 2025 | Zoho Backstage
September has been a different month for Zoho Backstage. Instead of rolling out a long list of new features, we focused on something just as important: Performance, reliability, and stability The event season is in full swing, and organizers are runningPrevent stripping of custom CSS when creating an email template?
Anyone have a workaround for this? Zoho really needs to hire new designers - templates are terrible. A custom template has been created, but every time we try to use it, it strips out all the CSS from the head. IE, we'll define the styles right in the <head> (simple example below) and everything gets stripped (initially, it saves fine, but when you browse away and come back to the template, all the custom css is removed). <style type="text/css"> .footerContent a{display:block !important;} </style>Stock Quotes/Spreadsheet
It would be nice if we could download security and mutual fund prices from Yahoo Finance (or?) in order to maintain an up to date investment portfolio on Zoho. Any chance?link to any Belgian bookkeeping software?
Hello, Does anyone on this Forum can help me with the question whether the ZOHO CRM (Invoices) or ZOHO Book can be linked to software that is used for Belgian Bookkeeping/accountancy? By linking, I mean either with the help of a middleware program or either by the ability to export the custom made reports as CSV-files... If someone has an experience with online CRM-Accountancy in Belgium, with ZOHO (or other), it would be great to read it... Thank youmarketing automation
wants to know about the zoho marketing automationProblems with email templates (HTML - Outlook)
Hi there, I've been trying to create a newsletter from the template "Business 4". Everything looks great in the preview, but when I send it to my Outlook inbox, the layout doesn't seems to stick. More particularly: - The line-height is way more reduced, even though I used the line-height tool from the template - Columns but they are sometimes misaligned - Font size is not always the one I've selected. Could you help? Thanks!How to create a drop down menu in Zoho Sheets
I am trying to find out, how do I create a drop down option in Zoho sheet. I tried Data--> Data Validation --> Criteria --> Text --> Contains. But that is not working, is there any other way to do it. Thanks in Advance.Introducing Keyboard Shortcuts for Zoho CRM
Dear Customers, We're happy to introduce keyboard shortcuts for Zoho CRM features! Until now, you might have been navigating to modules manually using the mouse, and at times, it could be tedious, especially when you had to search for specific modulesZoho CRM's custom views are now deployable from sandboxes
This feature is now available for users in the AU, JP, and CN DCs. This feature is now available for users in CA and SA DCs. New update: This feature is now available for users in all DCs. Hello everyone, We're excited to announce that you can now deployZoho One - Syncing Merchants and Vendors Between Zoho Expense and Zoho Books
Hi, I'm exploring the features of Zoho One under the trial subscription and have encountered an issue with syncing Merchant information between Zoho Expense and Zoho Books. While utilizing Zoho Expense to capture receipts, I noticed that when I submitLimit in number of records for subforms and multi-select lookup fields
It is my understanding that a maximum of 100 items can be selected in a multi-select lookup field, and that a total of 200 items can be selected in total between both subforms in a given module. Are there any ways to work around this limitation if weKaizen #136 - Zoho CRM Widgets using ReactJS
Hey there! Welcome back to yet another insightful post in our Kaizen series! In this post, let's explore how to use ReactJS for Zoho CRM widgets. We will utilize the sample widget from one of our previous posts - Geocoding Leads' Addresses in ZOHO CRMGetting Permission denied to access this portal.
We have one user that can't login to projects even though access has been granted. This user can login to accounts.zoho.com but when login to https://projects.zoho.com/portals.do we get this error: Unauthorized login to this portal Permission denied to access this portal. Check your portal URL again. Sometimes we also get "server too busy". We have tried killing sessions (in accounts.zoho.com) and we have deleted cookies; and tried different computers and still the same problem. All others use canDoes Zoho Docs have a Line Number function ?
Hi, when collaborating with coding tasks, I need an online real time share document that shows line numbers. Does Zoho's docs offer this feature ? If yes, how can I show them ? Regards, FrankSetting Default Views for Custom, List and Detail Views
Hey, Is it possible to set a default custom view, list view and detail view for a module for every user? We are onboarding a lot of non technical people that struggle with these things. Setting the views as default would really help. Btw: also settingFilter Based API request in Zoho Books using POSTMAN
How do I GET only specified CONTACTS based on created time or modified time in Zoho Books using POSTMAN. In the api documentation, it is written we can apply filters but I need a sample request.URL validation
We use an internal intranet site which has a short DNS name which Zoho CRM will not accept. When attempting to update the field it says "Please enter a valid URL". The URL I am trying to set is http://intranet/pm/ Our intranet is not currently setup with a full DNS name and given the amount of links using the shortname probably isn't a feasible change for us.Has anyone been experiencing slow issues?
Dear all, I just want to ask if anyone has been experiencing slow issues with Zoho Creator in the past two weeks? I worked with the ISP to improve network quality by changing routes and upgrading bandwidth, but nothing changed. I am in Vietnam.Zoho Projects Roadshows 2025 - USA
Dear Users, After an amazing response to our roadshows in 2024, we are excited to be back for the second year in a row! Join our team of experts as they walk you through the most-used features in Zoho Projects, explore powerful automation capabilities,Billing Management: #6 Usage Billing in SaaS
Imagine a customer shuffling across multiple subscriptions, a streaming service, a music app, cloud storage, and a design tool. Each one charges a flat monthly fee, regardless of how much or how little they use. Some months, the customer barely opensIs there anyone who has been experiencing issues regarding the Zoho Creator Certification Website in the past 2 weeks?
Dear all , I just wanted to ask is there anyone who was planning on taking the Zoho Creator Developer Certification Test in the past 2 weeks and have been facing errors stating that the website is under maintennance and also not allowed to access theDirectly Edit, Filter, and Sort Subforms on the Details Page
Hello everyone, As you know, subforms allow you to associate multiple line items with a single record, greatly enhancing your data organization. For example, a sales order subform neatly lists all products, their quantities, amounts, and other relevantAllow syncing Activities from other applications
Marketing Automation could be a much more powerful platform if you were able to sync activities into the platform (e.g. purchase, donation, etc) outside of a user doing something on your website. I'd love it if you could sync Custom CRM Modules as activities,Global Sets for Multi-Select pick lists
When is this feature coming to Zoho CRM? It would be very useful now we have got used to having it for the normal pick lists.Integración Books para cumplir la ley Crea y Crece y Ley Antifraude (VeriFactu)
Hola: En principio, en julio de 2025, entra en vigor la ley Crea y Crece y Ley Antifraude (VeriFactu). ¿Sabéis si Zoho va a cumplir con la ley para cumplir con la facturación electrónica conectada a Hacienda? GraciasAsk the Experts #1
Hello everyone! It’s time to transform how you manage projects. Define the processes. Automate the tasks. Streamline the workflows. Let us dive into automation in Zoho Projects — from configuring workflows and custom functions to building triggers, usingNext Page