Kaizen #2 - OAuth2.0 and Self Client #API

Hi everyone!

Welcome back to another week of Kaizen! 

In this post, we will shed some light on the OAuth2.0 protocol and how you can use Zoho's Self Client option to authenticate your application and generate the tokens.

What is OAuth2.0?

OAuth 2.0 is an industry standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.

Why should we use OAuth2.0?

• Clients are not required to support password authentication or store user credentials.
  
• Clients gain delegated access, i.e., access only to resources authenticated by the user.
  
• Users can revoke client's delegated access anytime.
  
• OAuth access tokens expire after a set time. If the client faces a security breach, user data will be compromised only until the access token is valid.
  

To use the Zoho CRM APIs, you must authenticate the application to make API calls on your behalf with an access token.

The access token, in return, must be obtained from a grant token (authorization code).

Zoho CRM APIs use the authorization code grant type to provide access to protected resources.

In this type,

1. The web application redirects the user to the OAuth server.
   
2. The user sees the authorization prompt and approves the app's request as shown in the below image.
   
   
   
3. The user is redirected back to the application with an authorization code in the query string.
   
   
   
4. The application exchanges the authorization code for an access token.
   

As you can see, this involves user intervention while authorizing your application.

When should you use Self Client?

If your application is a stand-alone application that performs only back-end jobs like data-sync(without any manual intervention), you cannot use this authorization code flow. 

In the below example image, the data sync happens between Zoho CRM and your legacy Product Management system. So, it is perfect to use the Self Client option as it does not need an UI for this type of application. Using this flow, you can generate the grant token, access, and refresh tokens.

How to use Self Client?

1. Go to Zoho Developer Console and log in with your Zoho CRM username and password.

2. Choose Self Client from the list of client types.

3. Click Create on the Create New Client page and click OK in the pop up to enable a self client for your account.

4. Now, your client ID and secret is displayed under the Client Secret tab.

5. Click the Generate Code tab to generate the Grant token.

The grant token is a temporary token generated by the authorization server (Zoho CRM, here) to generate access and refresh tokens.

Before generating the grant token, you must decide the scope you need. Scope decide the level of access a client can have to a resource.
Refer to our list of scopes, for more details.

a. Click the Generate Code tab and enter the required scope separated by commas.

b. Select the Time Duration for which the grant token is valid. Please note that after this time, the grant token expires.

c. Enter a description and click Generate.

d. The generated code for the specified scope is displayed. Copy the grant token.

e. Please note that generating grant token is a one-time process, provided you generate the access and refresh tokens within the time the grant token is valid for.

6. Generate the Access and Refresh tokens using Postman or any REST client.

a. Open Postman.

b. Make a POST request with the following URL.

"{{accounts-domain}}/oauth/v2/token"

{{accounts-domain}} is the domain-specific URL in which you registered your client.

c. Pass the below keys and their values in the body of the request.

d. Hit Send. The access and refresh tokens are displayed in the response.

 e. The access token is valid for an hour from generation. 

 f. The refresh token does not expire. You can use this to refresh your access token when they expire.

Quick tip: Enter all the required keys and values in Postman before you generate the token. This way, you will only have to paste the grant token after its generation, thereby reducing the risk of its expiration before you generate the tokens.

7. Store the access and refresh tokens and use the access token when you make API calls.

​8. Write a script that will call the below token refresh URL before the time the access token expires.

"{{accounts-domain}}/oauth/v2/token?client_id={{client_id}}&client_secret={[client_secret}}&refresh_token={{generated_refresh_token}}&grant_type=refresh_token"

Other useful links:

API Documentation

List of Scopes

Bulk Read API to export data in bulk from CRM

Bulk Write API to import data from a database to CRM

We will meet you next week with another exciting topic!

Cheers!

• Topic Participants

• Shylaja S

  

• alexb

• Praveen Sankar

  

• Vyas

• martin wheeler

• Sticky Posts

• Kaizen #142: How to Navigate to Another Page in Zoho CRM using Client Script

  Hello everyone! Welcome back to another exciting Kaizen post. In this post, let us see how you can you navigate to different Pages using Client Script. In this Kaizen post, Need to Navigate to different Pages Client Script ZDKs related to navigation A.

• Kaizen #152 - Client Script Support for the new Canvas Record Forms

  Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achieved

• Kaizen #210 - Answering your Questions | Event Management System using ZDK CLI

  Hello Everyone, Welcome back to yet another post in the Kaizen Series! As you already may know, for the Kaizen #200 milestone, we asked for your feedback and many of you suggested topics for us to discuss. We have been writing on these topics over the

• Kaizen #197: Frequently Asked Questions on GraphQL APIs

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Kaizen #198: Using Client Script for Custom Validation in Blueprint

  Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Recent Topics

• Does Zoho Docs have a Line Number function ?

  Hi, when collaborating with coding tasks, I need an online real time share document that shows line numbers. Does Zoho's docs offer this feature ? If yes, how can I show them ? Regards, Frank

• Setting Default Views for Custom, List and Detail Views

  Hey, Is it possible to set a default custom view, list view and detail view for a module for every user? We are onboarding a lot of non technical people that struggle with these things. Setting the views as default would really help. Btw: also setting

• Custom function return type

  Hi, How do I create a custom deluge function in Zoho CRM that returns a string? e.g. Setup->Workflow->Custom Functions->Configure->Write own During create or edit of the function I don't see a way to change the default 'void' to anything else. Adding

• Filter Based API request in Zoho Books using POSTMAN

  How do I GET only specified CONTACTS based on created time or modified time in Zoho Books using POSTMAN. In the api documentation, it is written we can apply filters but I need a sample request.

• URL validation

  We use an internal intranet site which has a short DNS name which Zoho CRM will not accept.   When attempting to update the field it says "Please enter a valid URL". The URL I am trying to set is http://intranet/pm/ Our intranet is not currently setup with a full DNS name and given the amount of links using the shortname probably isn't a feasible change for us.

• Has anyone been experiencing slow issues?

  Dear all, I just want to ask if anyone has been experiencing slow issues with Zoho Creator in the past two weeks? I worked with the ISP to improve network quality by changing routes and upgrading bandwidth, but nothing changed. I am in Vietnam.

• Zoho Projects Roadshows 2025 - USA

  Dear Users, After an amazing response to our roadshows in 2024, we are excited to be back for the second year in a row! Join our team of experts as they walk you through the most-used features in Zoho Projects, explore powerful automation capabilities,

• Billing Management: #6 Usage Billing in SaaS

  Imagine a customer shuffling across multiple subscriptions, a streaming service, a music app, cloud storage, and a design tool. Each one charges a flat monthly fee, regardless of how much or how little they use. Some months, the customer barely opens

• Is there anyone who has been experiencing issues regarding the Zoho Creator Certification Website in the past 2 weeks?

  Dear all , I just wanted to ask is there anyone who was planning on taking the Zoho Creator Developer Certification Test in the past 2 weeks and have been facing errors stating that the website is under maintennance and also not allowed to access the

• Directly Edit, Filter, and Sort Subforms on the Details Page

  Hello everyone, As you know, subforms allow you to associate multiple line items with a single record, greatly enhancing your data organization. For example, a sales order subform neatly lists all products, their quantities, amounts, and other relevant

• GST Slabs Redefined: Stay Compliant Using Zoho Books!

  Hello Everyone! The Government of India is rolling out new GST rates, a major reform aimed at simplifying the current tax structure starting 22 September 2025. GST will move from four slabs (5%, 12%, 18%, 28%) to two main slabs (5% and 18%), plus a special

• Allow syncing Activities from other applications

  Marketing Automation could be a much more powerful platform if you were able to sync activities into the platform (e.g. purchase, donation, etc) outside of a user doing something on your website. I'd love it if you could sync Custom CRM Modules as activities,

• Create static subforms in Zoho CRM: streamline data entry with pre-defined values

  Last modified on (9 July, 2025): This feature was available in early access and is currently being rolled out to customers in phases. Currently available for users in the the AU, CA, and SA DCs. It will be enabled for the remaining DCs in the next couple

• Global Sets for Multi-Select pick lists

  When is this feature coming to Zoho CRM? It would be very useful now we have got used to having it for the normal pick lists.

• Introducing Profile Summary: Faster Candidate Insights with Zia

  We’re excited to launch Profile Summary, a powerful new feature in Zoho Recruit that transforms how you review candidate profiles. What used to take minutes of resume scanning can now be assessed in seconds—thanks to Zia. A Quick Example Say you’re hiring

• Integración Books para cumplir la ley Crea y Crece y Ley Antifraude (VeriFactu)

  Hola: En principio, en julio de 2025, entra en vigor la ley Crea y Crece y Ley Antifraude (VeriFactu). ¿Sabéis si Zoho va a cumplir con la ley para cumplir con la facturación electrónica conectada a Hacienda? Gracias

• Ask the Experts #1

  Hello everyone! It’s time to transform how you manage projects. Define the processes. Automate the tasks. Streamline the workflows. Let us dive into automation in Zoho Projects — from configuring workflows and custom functions to building triggers, using

• How to overcome Zoho Deluge's time limit?

  I have built a function according to the following scheme: pages = {1,2,3,4,5,6,7,8,9,10}; for each page in pages { entriesPerPage = zoho.crm.getRecords("Accounts",page,200); for each entry in entriesPerPage { … } } Unfortunately, we have too many entries

• Zoho Sheet - Printing - Page Breaks and Printing Customization

  I think the title is descriptive enough in that I cannot find help documentation on a simple task of adding in page brakes for separating pages on print. Thanks

• Checking if Creator has Change History

  Like zForms - whenever an entry was updated there's an option to attached change history to email notif. Trigger -> Successful form submission

• Zoho sites header

  Good day, Im stuck with this situation. I choose a template for my website creation. I have tweaked every instance of the visual editor, regarding the header, I have created created customize fonts presets... I have followed every single step. and my

• Your bot just got smarter: AI-Powered routing that reads between the lines

  What if your bot could tell the difference? Between a visitor who just needs a quick answer, someone actively comparing options, and a frustrated customer one click away from leaving? Most bots can't. They deliver the same response to everyone, missing

• Unable to create embed code for resource of workdrive using API

  Hello Team, I am trying to create embed code for a resource using workdrive api in powershell, however facing some issues with injecting data in body. Followed Doc: https://workdrive.zoho.com/apidocs/v1/filefoldersharing/shareeveryone Please help, below

• how to use validation rules in subform

  Is it possible to use validation rules for subforms? I tried the following code: entityMap = crmAPIRequest.toMap().get("record"); sum = 0; direct_billing = entityMap.get("direct_billing_details"); response = Map(); for each i in direct_billing { if(i.get("type")

• Adding contact role to a specific deal js sdk malfunctioning

  i was trying to add the contact role to a specific deal contact but repeatedly i am getting this error: { "code": "SUCCESS", "details": { "statusMessage": { "code": "INVALID_DATA", "details": { "expected_data_type": "jsonobject" }, "message": "body",

• Q3 Updates from Bigin!

  Hey Biginners, Hope you’re doing great! As we approach the end of 2025, we truly hope Bigin has been a part of helping you build your dream business this year! We've been busy working behind the scenes to bring you features that make running your business

• New Series Announcement - Ecommerce Marketing Tips

  Running an online business is more than just having a website. It’s about getting the right customers to discover you, trust you, and keep coming back. To support your growth journey, we’re launching a weekly Marketing Tips series right here on Zoho Commerce

• Client Script | Update - Introducing Subform Events and Actions

  Are you making the most of your subforms in Zoho CRM? Do you wish you could automate subform interactions and enhance user experience effortlessly? What if you had Client APIs and events specifically designed for subforms? We are thrilled to introduce

• {"errors":[{"id":"500","title":"Servlet execution threw an exception"}]}

  Here's the call to move a file to trash. The resource_id is accurate and the file is present. header = Map(); header.put("Accept","application/vnd.api+json"); data = Map(); data_param1 = Map(); att_param1 = Map(); att_param1.put("status",51); data_param1.put("attributes",att_param1);

• Converting Sales Order to Invoice via API; Problem with decimal places tax

  We are having problems converting a Sales Order to an Invoice via API Call. The cause of the issue is, that the Tax value in a Sales Order is sometimes calculated with up to 16 decimal places (e.g. 0.8730000000000001). The max decimal places allowed in

• Zoho Canvas - Custom templates for related lists

  Hi, I see that the example pages load always one of our related lists in a custom template, but I dont know how to work with that:  1) How can i make my own custom templates for related lists?  2) Where and how can i check out existing custom templates?

• Kaizen #147 - Frequently Asked Questions on Zoho CRM Widgets

  Heya! It's Kaizen time again, folks! This week, we aim to address common queries about Zoho CRM Widgets through frequently asked questions from our developer forum. Take a quick glance at these FAQs and learn from your peers' inquiries. 1. Where can I

• open word file in zoho writer desktop version

  "How can I open a Microsoft Word (.doc or .docx) file in Zoho Writer if I only have the file saved on my computer and Zoho Writer doesn't appear as an option when I try 'Open with'? Is there a way to directly open the .doc file in Zoho Writer?"

• How to invite friends on other social media platforms to one of my group chats in arattai?

  Hello, I have formed chat groups in arattai. I want to invite my friends on other social media platforms like WhatsApp/ FB to one of my groups. Different friends would be invited to different groups. How to share an invite link of one of my groups to

• Zoho PDF editor has a lot of issues.

  Zoho PDF editor needs a lot of work. It hangs and glitches a lot. Deletes annotations and clearings randomly.

• Zohom mail

  Plz resolve the problem . I hope u understand .

• Clients not receiving emails

  I've been informed that my emails are not being received. Is there anything that I should look into to rectify this? Many thanks!

• stock

  bom/bse : stock details or price =STOCK(C14;"price") not showing issue is #N/A! kindly resolve this problem

• Zoho sheet desktop version

  Hi Zoho team Where can I access desktop version of zoho sheets? It is important as web version is slow and requires one to be online all the time to do even basic work. If it is available, please guide me to the same.

• ZOHO SHEETS

  Where can I access desktop version of zoho sheets? It is important to do basic work If it is available, please guide me to the same

• Next Page