Kaizen #4 - Troubleshooting OAuth2.0

Hello everyone!

Welcome back to yet another post in Kaizen! Earlier in this series, we discussed OAuth2.0 and Self Client. In continuation of that, we will now discuss the various errors that you may face while using OAuth2.0 and how you can handle them.

For better understanding, we have grouped the errors based on the OAuth2.0 flow itself.

You may face errors while

1. Registering a client
   
2. Generating the authorization code (grant token)
   
   a. For web-based applications
   
   b. For self client applications
   
3. Generating access and refresh tokens from the grant token
   

1. Registering a Client

You can register a client in Zoho Developer Console either as a web application or a self client as displayed in the below image.

The below table explains the errors you may face while registering your client, and how you can handle them.

Error	Reason	Resolution
Enter a valid client name	The client name has a special character.	The client name must not contain any special characters except "_" and "&".
Enter a valid JavaScript Domain URI	The JavaScript domain is incorrect.	Specify valid JavaScript domains, separated by commas, and they must start with 'http'.
Enter a valid redirect URI	The redirect URI is incorrect.	Specify a valid redirect URI in the format "https://www.your-domain.com/callback".
Enter a valid homepage URL	The homepage URL is invalid.	Specify a valid homepage URL in the format "https://www.yourdomain.com".

The following images will give you an idea of these errors.

On a side note, the following are the mandatory entries for different client types. You will see an error when you do not specify any of these mandatory entries.

Client Type	Client Name	Homepage URL	Redirect URIs	JS Domains
Java Script	Y	Y	Y	Y
Web-based	Y	Y	Y	NA
Mobile	Y	Y	Y	NA
Self Client	N	N	N	NA
Device	Y	Y	N	NA

2. Generating the Authorization Code (Grant token)

As you already know, there are two ways in which you can generate the grant token based on the client type.

a. Web-based redirection

In this authorization flow,

1. The web application redirects the user to the Zoho OAuth server with the required scope in the Accounts URL.
   "https://accounts.zoho.com/oauth/v2/auth?scope=ZohoCRM.users.ALL&client_id={client_id}&response_type=code&access_type={"offline"or"online"}&redirect_uri={redirect_uri}".
2. As you can see, the request URL has the parameters "scope", "response_type", and "redirect_uri".
   
3. The user sees the authorization prompt and approves the app's request as shown in the below image.
   
   
   
4. The user is redirected back to the application with an authorization code in the query string.
   
   
   
5. The application exchanges the authorization code for an access token.
   

The user may face one of the below errors when the application makes an authorization request with one or many incorrect parameters mentioned in step 1.

Error	Reason	Resolution
ERROR_invalid_response_type	a) The value of the "response_type" key is not "code". b) You have not passed the mandatory keys in the request.	a) The value of the "response_type" key must be "code". b) Pass all the mandatory keys in the request to generate the grant token.
ERROR_invalid_client	The client ID is wrong or empty.	Pass the right client ID. You can check your client ID from the developer console.
ERROR_invalid_redirect_uri	The redirect URI value passed, and the one registered in the developer console mismatches.	Pass the right redirect URI.
ERROR_invalid_scope	The scope is invalid.	Pass valid scopes. You can refer to the list of scopes here.

As you can see, the scope ZohoCRM.user.ALL is incorrect and hence, the system throws the error.

The application must again make the authorization request with proper scopes.

b. Self Clients

After registering your application as a self client, you must provide the necessary scopes in the UI under the Generate Code tab.

The system throws an error when you enter one or more incorrect scopes.

Enter valid scopes and click Generate to generate the code as shown below.

3. Generating Access and Refresh Tokens from the Grant Token

To generate the access and refresh tokens,

1. Make a POST API call with the URL "{{accounts-domain}}/oauth/v2/token".
   
2. In the request body, pass the values of the following parameters.
   
   a. client_id
   
   b. client_secret
   
   c. redirect_uri
   
   d. code(this is the generated grant token)
   
   e. grant_type
   

You may face errors when one or more of the above parameters have a wrong value as shown in the below image.

Error	Reason	Resolution
invalid_client	a) You have passed an invalid Client ID or secret. b) Domain mismatch. You have registered the client and generated the grant token in a certain domain (US), but generating the tokens from a different domain (EU). c) You have passed the wrong client secret when multi-DC is enabled.	a) Specify the correct client ID and secret. b) Ensure that you generate the grant, access, and refresh tokens from the same domain using the same domain URL (or) Enable Multi-DC for your client to generate tokens from any domain. c) Each DC holds a unique client secret. Ensure to pass the right client secret for that DC.
invalid_code	a) The grant token has expired. b) You have already used the grant token. c) The refresh token to generate a new access token is wrong or revoked.	a) The grant token is valid only for one minute in the redirection-based flow. Generate the access and refresh tokens before the grant token expires. b) You can use the grant token only once. c) Specify the correct refresh token value while refreshing an access token.
invalid_redirect_uri	The redirect URI in the request mismatches the one registered in the developer console.	Specify the correct redirect URI in the request.

Points to note

1. For redirection-based authorization, the grant token is valid only for a minute.
   
2. For self client apps, the grant token is valid for the time you selected while authorizing your application.
   
3. If the generation of access and refresh tokens from the grant token fails, the grant token becomes invalidated. You must generate another grant token.
   
4. You can generate a grant token only up to five times in a minute.
   
5. The access token is valid only for an hour. You must use the refresh token to generate new access tokens.
   
6. The refresh token does not expire. It is invalidated only when you revoke the refresh token.
   
7. Each user in an organization can have a maximum of 20 refresh tokens. Also, each refresh token can have a maximum of 30 active access tokens.
   
8. When a user creates the 31st access token, the system deletes the first created access token. Similarly, when the user creates the 21st refresh token, the system deletes the first created refresh token.
   

We hope you found this post useful. Keep a tab on this series for more exciting topics!

Reach out to us at support@zohocrm.com if you have any questions, or let us know in the comment section.

Cheers!

• Topic Participants

• Shylaja S

  

• 709613389@zohoclosedAccount.com

• Jaya Suriya J

  

• Summerswintersacc

• Mohan

• Sticky Posts

• Kaizen #197: Frequently Asked Questions on GraphQL APIs

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Kaizen #198: Using Client Script for Custom Validation in Blueprint

  Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Celebrating 200 posts of Kaizen! Share your ideas for the milestone post

  Hello Developers, We launched the Kaizen series in 2019 to share helpful content to support your Zoho CRM development journey. Staying true to its spirit—Kaizen Series: Continuous Improvement for Developer Experience—we've shared everything from FAQs

• Kaizen #193: Creating different fields in Zoho CRM through API

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Client Script | Update - Introducing Commands in Client Script!

  Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! Commands

• Recent Topics

• Weekly Tips : Customize your Compose for a smoother workflow

  You are someone who sends a lot of emails, but half the sections in the composer just get in your way — like fields you never use or sections that clutter the space. You find yourself always hunting for the same few formatting tools, and the layout just

• Zoho Slowness - Workarounds

  Hi all, We've been having intermittent slowness and Zoho just asks for same stuff each time but never fix it. It usually just goes away on it's own after a couple weeks. Given that speed is a very important thing for companies to be able to keep up with

• Custom Bulk Select Button

  Zoho CRM offers the ability to select multiple records and invoke a Custom Button This functionality is missing from Recruit Currently we can only add buttons in the detail page and list But we cannot select Multiple Records and invoke a function with

• Zoho CRM still doesn't let you manage timezones (yearly reminder)

  This is something I have asked repeatedly. I'll ask once again. Suppose that you work in France. Next month you have a trip to Guatemala. You call a contact there, close a meeting, record that meeting in CRM. On the phone, your contact said: "meet me

• Power of Automation :: Smart Ticket Management Between Zoho Desk and Projects

  Hello Everyone, A custom function is a software code that can be used to automate a process and this allows you to automate a notification, call a webhook, or perform logic immediately after a workflow rule is triggered. This feature helps to automate

• First day of trying FSM in the field.

  What we found. 1. with out a network connection we were unable to start a service call? 2. if you go to an appointment and then want to add an asset it does not seem possible. 3. disappointed not to be able to actually take a payment from within the app

• BUG - Google Business Buttons - Add a button to GBP Post

  I am experiencing an issue with the "Add a button" feature when creating posts for my Google Business Profile (GBP) through Zoho Social. When I schedule or publish a GBP post and include a call-to-action button with a specific URL, the post itself publishes

• Rich text Merge field - Not using font specified in HTML

  I have a rich text merge field in a writer template which is creating a table. I have chosen to use this method instead of a repeat region because I need to specify specific cell background colours which change every time the document is created. The

• Support for Custom Fonts in Zoho Recruit Career Site and Candidate Portal

  Dear Zoho Recruit Team, I hope you're doing well. We would like to request the ability to use custom fonts in the Zoho Recruit Career Site and Candidate Portal. Currently only the default fonts (Roboto, Lato, and Montserrat) are available. While these

• CC and/or BCC users in email templates

  I would like the ability to automatically assign a CC and BCC "User (company employee)" into email templates. Specifically, I would like to be able to add the "User who owns the client" as a CC automatically on any interview scheduled or candidate submitted

• Trying to export a report to Excel via a deluge script

  I have this code from other posts but it gives me an error of improper statement, due to missing ; at end of line or incomplete expression. Tried lots of variations to no avail. openUrl(https://creatorapp.zoho.com/<username>/<app name>/XLSX/#Report:<reportname>,"same

• Need help to create a attach file api

  https://www.zoho.com/crm/developer/docs/api/v8/upload-attachment.html Please help me to create it... It's not working for while. Do you have some example?

• Export view via deluge.

  Hi, Is it possible to export a view (as a spreadsheet) via deluge? I would like to be able to export a view as a spreadsheet when a user clicks a button. Thanks     

• Outdated state in mexico

  Hello Zoho team, the drop down to add the state for customers, when they introduce their state in mexico has a city named “Distrito Federal” that name changed many years ago to “ciudad de mexico”. could you please update this so my clients can find the

• Possible to generate/download Quote PDF using REST API?

  See title. Is there any way after a quote has been created to export to a PDF using a specified template and then download it? Seems like something that should be doable. Is this not supported in the API v2.0?

• Creating an invoice to be paid in two installments?

  Hi there, I own a small Photographic Services business and have not been able to find a way to fit my billing system into Zoho, or any other Accounting software. The way my payments work is: 1. Customer pays 50% of total price of service to secure their

• Bug in allowing the user to buy out of stock items

  Hi i want to allow the user to buy out of stock items, according to the commerce documentation if i disable Restrict "Out of stock" purchases it will, but it doesnt work, so i want to know if it had any relation with zoho inventory, and if theres any

• Replace Lookup fields ID value with their actual name and adding inormation from subforms

  Hi everyone,  I wanted to see if someone smarter than me has managed to find any solutions to two problems we have. I will explain both below.  To start we are syncing data from Zoho CRM to Zoho Analytics and I will use the Sales Order module when giving

• Can a Zoho Sites page be embedded into another website (outside Zoho)

  Hi All, We have a request from a client - they'd like to take one of our information pages created in Zoho Sites and embed it into their own website? I was told through an email with Zoho that this was possible >>Thank you for your patience regarding

• Bug in allowing the user to buy out of stock items

  Hi i want to allow the user to buy out of stock items, according to the commerce documentation if i disable Restrict "Out of stock" purchases it will, but it doesnt work, so i want to know if it had any relation with zoho inventory, and if theres any

• Transition Criteria Appearing on Blueprint Transitions

  On Monday, Sept. 8th, the Transition criteria started appearing on our Blueprints when users hover over a Transition button. See image. We contacted Zoho support because it's confusing our users (there's really no reason for them to see it), but we haven't

• Zoho CRM Sales Targets for Individual Salespeople

  Our organistion has salespeople that are allocated to different regions and have different annual sales targets as a result. I am building an CRM analytics dashboard for the sales team, which will display a target meter for the logged in salesperson.

• Transfer all Related Data to new Account Owner

  Currently when I change the account Owner I only see the option to change only the open deals But I want the new account owner to take over all the related modules and all the deal stages Is it not possible right now? Am I missing something? Do I really

• Can i connect 2 instagram accounts to 1 brand?

  Can i connect 2 instagram accounts to 1 brand? Or Do i need to create 2 brands for that? also under what subscription package will this apply?

• How to Calculate MTTR (Mean Time to Resolve)

  We want to calculate MTTR (Mean Time to Resolve) in our Zoho Analytics report under Tickets. Currently, we are using the following fields: Ticket ID Ticket Created Time Ticket Closed Time Ticket On Hold Time We are planning to calculate MTTR (in days)

• How to export project tasks, including the comments

  Hi, how can I export the project tasks, whereby I can also see the comments associated to a specific task? The use-case is that often we use comments to discuss or update a task related ideas. I would like to export the tasks, where we can also see the

• Does Zoho Sheet Supports https://n8n.io ?

  Does Zoho Sheet Supports https://n8n.io ? If not, can we take this as an idea and deploy in future please? Thanks

• Bigin Android app update: User management

  Hello everyone! In the most recent Bigin Android app update, we have brought in support for the 'Users and Controls' section. You can now manage the users in your organization within the mobile app. There are three tabs in the 'Users and Controls' section:

• Share records with your customers and let them track their statuses in real time.

  Greetings, I hope everyone is doing well! We're excited to introduce the external sharing feature for pipeline records. This new enhancement enables you to share pipeline records with your customers via a shareable link and thereby track the status of

• Live webinar: Discover Zoho Show: A complete walkthrough

  Hello everyone, We’re excited to invite you to our upcoming live webinar, Discover Zoho Show: A Complete Walkthrough. Whether you’re just getting started with Show or eager to explore advanced capabilities, this session will show you useful tips and features

• Deal Stage component/widget/whatever it is... event

  Deal Stages I am trying to access the event and value of this component. I can do it by changing the Stage field but users can also change a Deal Stage via this component and I need to be able to capture both values. Clicking on 'Verbal' for instance,

• Create advanced slideshows with hybrid reports using Zoho Projects Plus

  Are your quarterly meetings coming up? It’s time to pull up metrics, generate reports, and juggle between slides yet again. While this may be easier for smaller projects, large organizations that run multiple projects may experience the pressure when

• Add an option to disable ZIA suggestions

  Currently, ZIA in Zoho Inventory automatically provides suggestions, such as sending order confirmation emails. However, there is no way to disable this feature. In our case, orders are automatically created by customers, and we’ve built a custom workflow

• Email Integration - Zoho CRM - OAuth and IMAP

  Hello, We are attempting to integrate our Microsoft 365 email with Zoho CRM. We are using the documentation at Email Configuration for IMAP and POP3 (zoho.com) We use Microsoft 365 and per their recommendations (and requirements) for secure email we have

• Formula field with IF statement based on picklist field and string output to copy/paste in multi-line field via function

  Hello there, I am working on a formula field based on a 3-item picklist field (i.e. *empty value*, 'Progress payment', 'Letter of credit'). Depending on the picked item, the formula field shall give a specific multi-line string (say 'XXX' in case of 'Progress

• CRM x WorkDrive: File storage for new CRM signups is now powered by WorkDrive

  Availability Editions: All DCs: All Release plan: Released for new signups in all DCs. It will be enabled for existing users in a phased manner in the upcoming months. Help documentation: Documents in Zoho CRM Manage folders in Documents tab Manage files

• Zoho CRMの流入元について

  Zoho CRMとZoho formsを連携し、 formsで作成したフォームをサイトに埋め込み運用中です。 UTMパラメータの取得をformsを行い、Zoho CRMの見込み客タブにカスタム項目で反映される状況になっています。 広告に関してはUTMパラメータで取得できているため問題ないのですが、オーガニック流入でフォーム送信の場合も計測したいです。メールやGoogle、Yahoo、directなどの流入元のチャネルが反映されるようにしたいのですが、どのように設定したら良いでしょうか。 また、

• Error While Sign in on Zoho Work Drive

  Dear Team, I hope this email finds you well. I have recently created a Zoho account and started using it. But while I am trying to log in to Zoho work drive it won't log me in its crashing every time I try it. I have tried it on android app, phone browser

• Choosing a portal option and the "Unified customer portal"?

  I am trialling Zoho to replace various existing systems, one of which is a customer portal. Our portal allows clients to add and edit bookings, complete forms, manage their subscriptions and edit some CRM info. I am trying to understand how I might best

• Elevate your CX delivery using CommandCenter 2.0: Simplified builder; seamless orchestration

  Most businesses want to create memorable customer experiences—but they often find it hard to keep them smooth, especially as they grow. To achieve a state of flow across their processes, teams often stitch together a series of automations using Workflow

• Next Page