Kaizen #2 - OAuth2.0 and Self Client #API

Hi everyone!

Welcome back to another week of Kaizen! 

In this post, we will shed some light on the OAuth2.0 protocol and how you can use Zoho's Self Client option to authenticate your application and generate the tokens.

What is OAuth2.0?

OAuth 2.0 is an industry standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.

Why should we use OAuth2.0?

• Clients are not required to support password authentication or store user credentials.
  
• Clients gain delegated access, i.e., access only to resources authenticated by the user.
  
• Users can revoke client's delegated access anytime.
  
• OAuth access tokens expire after a set time. If the client faces a security breach, user data will be compromised only until the access token is valid.
  

To use the Zoho CRM APIs, you must authenticate the application to make API calls on your behalf with an access token.

The access token, in return, must be obtained from a grant token (authorization code).

Zoho CRM APIs use the authorization code grant type to provide access to protected resources.

In this type,

1. The web application redirects the user to the OAuth server.
   
2. The user sees the authorization prompt and approves the app's request as shown in the below image.
   
   
   
3. The user is redirected back to the application with an authorization code in the query string.
   
   
   
4. The application exchanges the authorization code for an access token.
   

As you can see, this involves user intervention while authorizing your application.

When should you use Self Client?

If your application is a stand-alone application that performs only back-end jobs like data-sync(without any manual intervention), you cannot use this authorization code flow. 

In the below example image, the data sync happens between Zoho CRM and your legacy Product Management system. So, it is perfect to use the Self Client option as it does not need an UI for this type of application. Using this flow, you can generate the grant token, access, and refresh tokens.

How to use Self Client?

1. Go to Zoho Developer Console and log in with your Zoho CRM username and password.

2. Choose Self Client from the list of client types.

3. Click Create on the Create New Client page and click OK in the pop up to enable a self client for your account.

4. Now, your client ID and secret is displayed under the Client Secret tab.

5. Click the Generate Code tab to generate the Grant token.

The grant token is a temporary token generated by the authorization server (Zoho CRM, here) to generate access and refresh tokens.

Before generating the grant token, you must decide the scope you need. Scope decide the level of access a client can have to a resource.
Refer to our list of scopes, for more details.

a. Click the Generate Code tab and enter the required scope separated by commas.

b. Select the Time Duration for which the grant token is valid. Please note that after this time, the grant token expires.

c. Enter a description and click Generate.

d. The generated code for the specified scope is displayed. Copy the grant token.

e. Please note that generating grant token is a one-time process, provided you generate the access and refresh tokens within the time the grant token is valid for.

6. Generate the Access and Refresh tokens using Postman or any REST client.

a. Open Postman.

b. Make a POST request with the following URL.

"{{accounts-domain}}/oauth/v2/token"

{{accounts-domain}} is the domain-specific URL in which you registered your client.

c. Pass the below keys and their values in the body of the request.

d. Hit Send. The access and refresh tokens are displayed in the response.

 e. The access token is valid for an hour from generation. 

 f. The refresh token does not expire. You can use this to refresh your access token when they expire.

Quick tip: Enter all the required keys and values in Postman before you generate the token. This way, you will only have to paste the grant token after its generation, thereby reducing the risk of its expiration before you generate the tokens.

7. Store the access and refresh tokens and use the access token when you make API calls.

​8. Write a script that will call the below token refresh URL before the time the access token expires.

"{{accounts-domain}}/oauth/v2/token?client_id={{client_id}}&client_secret={[client_secret}}&refresh_token={{generated_refresh_token}}&grant_type=refresh_token"

Other useful links:

API Documentation

List of Scopes

Bulk Read API to export data in bulk from CRM

Bulk Write API to import data from a database to CRM

We will meet you next week with another exciting topic!

Cheers!

• Topic Participants

• Shylaja S

  

• alexb

• Praveen Sankar

  

• Vyas

• martin wheeler

• Sticky Posts

• Kaizen #152 - Client Script Support for the new Canvas Record Forms

  Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achieved

• Kaizen #142: How to Navigate to Another Page in Zoho CRM using Client Script

  Hello everyone! Welcome back to another exciting Kaizen post. In this post, let us see how you can you navigate to different Pages using Client Script. In this Kaizen post, Need to Navigate to different Pages Client Script ZDKs related to navigation A.

• Kaizen #210 - Answering your Questions | Event Management System using ZDK CLI

  Hello Everyone, Welcome back to yet another post in the Kaizen Series! As you already may know, for the Kaizen #200 milestone, we asked for your feedback and many of you suggested topics for us to discuss. We have been writing on these topics over the

• Kaizen #197: Frequently Asked Questions on GraphQL APIs

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Kaizen #198: Using Client Script for Custom Validation in Blueprint

  Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Recent Topics

• Trying to export a report to Excel via a deluge script

  I have this code from other posts but it gives me an error of improper statement, due to missing ; at end of line or incomplete expression. Tried lots of variations to no avail. openUrl(https://creatorapp.zoho.com/<username>/<app name>/XLSX/#Report:<reportname>,"same

• Need help to create a attach file api

  https://www.zoho.com/crm/developer/docs/api/v8/upload-attachment.html Please help me to create it... It's not working for while. Do you have some example?

• Export view via deluge.

  Hi, Is it possible to export a view (as a spreadsheet) via deluge? I would like to be able to export a view as a spreadsheet when a user clicks a button. Thanks     

• Zoho Inventory's latest shipping integration updates at a glance.

  Hello Users, We would like to share some important news about our latest improvements in the Shipping integration capabilities of Zoho Inventory that we achieved in 2024 with some of our major integration partners in key editions across APAC, North America,

• Outdated state in mexico

  Hello Zoho team, the drop down to add the state for customers, when they introduce their state in mexico has a city named “Distrito Federal” that name changed many years ago to “ciudad de mexico”. could you please update this so my clients can find the

• Possible to generate/download Quote PDF using REST API?

  See title. Is there any way after a quote has been created to export to a PDF using a specified template and then download it? Seems like something that should be doable. Is this not supported in the API v2.0?

• Creating an invoice to be paid in two installments?

  Hi there, I own a small Photographic Services business and have not been able to find a way to fit my billing system into Zoho, or any other Accounting software. The way my payments work is: 1. Customer pays 50% of total price of service to secure their

• Bug in allowing the user to buy out of stock items

  Hi i want to allow the user to buy out of stock items, according to the commerce documentation if i disable Restrict "Out of stock" purchases it will, but it doesnt work, so i want to know if it had any relation with zoho inventory, and if theres any

• Replace Lookup fields ID value with their actual name and adding inormation from subforms

  Hi everyone,  I wanted to see if someone smarter than me has managed to find any solutions to two problems we have. I will explain both below.  To start we are syncing data from Zoho CRM to Zoho Analytics and I will use the Sales Order module when giving

• Can a Zoho Sites page be embedded into another website (outside Zoho)

  Hi All, We have a request from a client - they'd like to take one of our information pages created in Zoho Sites and embed it into their own website? I was told through an email with Zoho that this was possible >>Thank you for your patience regarding

• Bug in allowing the user to buy out of stock items

  Hi i want to allow the user to buy out of stock items, according to the commerce documentation if i disable Restrict "Out of stock" purchases it will, but it doesnt work, so i want to know if it had any relation with zoho inventory, and if theres any

• Transition Criteria Appearing on Blueprint Transitions

  On Monday, Sept. 8th, the Transition criteria started appearing on our Blueprints when users hover over a Transition button. See image. We contacted Zoho support because it's confusing our users (there's really no reason for them to see it), but we haven't

• Zoho CRM Sales Targets for Individual Salespeople

  Our organistion has salespeople that are allocated to different regions and have different annual sales targets as a result. I am building an CRM analytics dashboard for the sales team, which will display a target meter for the logged in salesperson.

• Transfer all Related Data to new Account Owner

  Currently when I change the account Owner I only see the option to change only the open deals But I want the new account owner to take over all the related modules and all the deal stages Is it not possible right now? Am I missing something? Do I really

• Can i connect 2 instagram accounts to 1 brand?

  Can i connect 2 instagram accounts to 1 brand? Or Do i need to create 2 brands for that? also under what subscription package will this apply?

• How to Calculate MTTR (Mean Time to Resolve)

  We want to calculate MTTR (Mean Time to Resolve) in our Zoho Analytics report under Tickets. Currently, we are using the following fields: Ticket ID Ticket Created Time Ticket Closed Time Ticket On Hold Time We are planning to calculate MTTR (in days)

• How to export project tasks, including the comments

  Hi, how can I export the project tasks, whereby I can also see the comments associated to a specific task? The use-case is that often we use comments to discuss or update a task related ideas. I would like to export the tasks, where we can also see the

• Unable to see Zoho contacts in Zoho app on ios

  Hi Support Team, I am a new user, I have created my account and installed zohomail app on iOS 16 which works. I was also able to import my Gmail contacts into Zoho Contacts, which I can see. The problem is that I can’t see these imported cobalts in Zohomail

• Does Zoho Sheet Supports https://n8n.io ?

  Does Zoho Sheet Supports https://n8n.io ? If not, can we take this as an idea and deploy in future please? Thanks

• Bigin Android app update: User management

  Hello everyone! In the most recent Bigin Android app update, we have brought in support for the 'Users and Controls' section. You can now manage the users in your organization within the mobile app. There are three tabs in the 'Users and Controls' section:

• Share records with your customers and let them track their statuses in real time.

  Greetings, I hope everyone is doing well! We're excited to introduce the external sharing feature for pipeline records. This new enhancement enables you to share pipeline records with your customers via a shareable link and thereby track the status of

• Live webinar: Discover Zoho Show: A complete walkthrough

  Hello everyone, We’re excited to invite you to our upcoming live webinar, Discover Zoho Show: A Complete Walkthrough. Whether you’re just getting started with Show or eager to explore advanced capabilities, this session will show you useful tips and features

• Deal Stage component/widget/whatever it is... event

  Deal Stages I am trying to access the event and value of this component. I can do it by changing the Stage field but users can also change a Deal Stage via this component and I need to be able to capture both values. Clicking on 'Verbal' for instance,

• Create advanced slideshows with hybrid reports using Zoho Projects Plus

  Are your quarterly meetings coming up? It’s time to pull up metrics, generate reports, and juggle between slides yet again. While this may be easier for smaller projects, large organizations that run multiple projects may experience the pressure when

• Add an option to disable ZIA suggestions

  Currently, ZIA in Zoho Inventory automatically provides suggestions, such as sending order confirmation emails. However, there is no way to disable this feature. In our case, orders are automatically created by customers, and we’ve built a custom workflow

• Formula field with IF statement based on picklist field and string output to copy/paste in multi-line field via function

  Hello there, I am working on a formula field based on a 3-item picklist field (i.e. *empty value*, 'Progress payment', 'Letter of credit'). Depending on the picked item, the formula field shall give a specific multi-line string (say 'XXX' in case of 'Progress

• CRM x WorkDrive: File storage for new CRM signups is now powered by WorkDrive

  Availability Editions: All DCs: All Release plan: Released for new signups in all DCs. It will be enabled for existing users in a phased manner in the upcoming months. Help documentation: Documents in Zoho CRM Manage folders in Documents tab Manage files

• Zoho CRMの流入元について

  Zoho CRMとZoho formsを連携し、 formsで作成したフォームをサイトに埋め込み運用中です。 UTMパラメータの取得をformsを行い、Zoho CRMの見込み客タブにカスタム項目で反映される状況になっています。 広告に関してはUTMパラメータで取得できているため問題ないのですが、オーガニック流入でフォーム送信の場合も計測したいです。メールやGoogle、Yahoo、directなどの流入元のチャネルが反映されるようにしたいのですが、どのように設定したら良いでしょうか。 また、

• In App Auto Refresh/Update Features

  Hi,    I am trying to use Zoho Creator for Restaurant management. While using the android apps, I reliased the apps would not auto refresh if there is new entries i.e new kitchen order ticket (KOT) from other users.   The apps does received notification but would not auto refresh, users required to refresh the apps manually in order to see the new KOT in the apps.    I am wondering why this features is not implemented? Or is this feature being considered to be implemented in the future? With the

• Error While Sign in on Zoho Work Drive

  Dear Team, I hope this email finds you well. I have recently created a Zoho account and started using it. But while I am trying to log in to Zoho work drive it won't log me in its crashing every time I try it. I have tried it on android app, phone browser

• Choosing a portal option and the "Unified customer portal"?

  I am trialling Zoho to replace various existing systems, one of which is a customer portal. Our portal allows clients to add and edit bookings, complete forms, manage their subscriptions and edit some CRM info. I am trying to understand how I might best

• Unified Directory : How to Access ?

  I signed in to Zoho One this morning and was met with the pop up about the upgraded directory (yay!) I watched the video and pressed "Get Started" ... and it took me back to the standard interface. How do I actually access the new portal/directory ?

• Translation support expanded for Modules, Subforms and Related Lists

  Hello Everyone!   The translation feature enables organizations to translate certain values in their CRM interface into different languages. Previously, the only values that could be translated were picklist values and field names. However, we have extended

• Unified task view

  Possible to enable the unified task view in Trident, that is currently available in Mail?

• Bigin, more powerful than ever on iOS 26, iPadOS 26, macOS Tahoe, and watchOS 26.

  Hot on the heels of Apple’s latest OS updates, we’ve rolled out several enhancements and features designed to help you get the most from your Apple devices. Enjoy a refined user experience with smoother navigation and a more content-focused Liquid Glass

• Importing data into Assets

  So we have a module in Zoho CRM called customers equipments. It links to customers modules, accounts (if needed) and products. I made a sample export and created extra fields in zoho fsm assets module. The import fails. Could not find a matching parent

• Allow instruction field in Job Sheets

  Hello, I would like to know if it is possible to have an instruction field (multi line text) in a job sheet or if there is a workaround to be able to do it. Currently we are pretty limited in terms of fields in job sheets which makes it a bit of a struggle

• Streamlining Work Order Automation with Zoho Projects, Writer & WorkDrive

  Hello Community, Here is the first post in 'Integration & Automation' Series. Use Case :: Create, Merge, Sign & Store Documents in Zoho WorkDrive. Scenario :: You have a standard Work Order template created in Zoho Writer. When a task status is chosen

• The dimensions of multilingual power

  Hola, saludos de Zoho Desk. Bonjour, salutations de Zoho Desk. Hallo, Grüße von Zoho Desk. Ciao, saluti da Zoho Desk. Olá, saudações da Zoho Desk. வணக்கம், Zoho Desk இலிருந்து வாழ்த்துகள். 你好，来自 Zoho Desk 的问候。 مرحباً، تحيات من Zoho Desk. नमस्ते, Zoho

• Multi-line address lines

  How can I enter and migrate the following 123 state street Suite 2 Into a contact address. For Salesforce imports, a CR between the information works. The ZOHO migration tool just ignores it. Plus, I can't seem to even enter it on the standard entry screen.

• Next Page