We're in the process of integrating Zoho CRM with our Django backend and currently testing the API endpoints via Postman. I've forked Zoho's official CRM REST API collection in Postman for this.

Steps Taken:

1. Created a Self Client via Zoho API Console:
   URL: https://api-console.zoho.in/client/xxxxx

   • Set scope: ZohoCRM.modules.ALL

   • Validity: 10 minutes

   • Used region domain: .in (since we’re using Zoho India services)

2. Generated Authorization Code using the Authorization Code Grant flow.

3. Exchanged Authorization Code for Tokens:

   Request:

   URL: https://accounts.zoho.in/oauth/v2/token
   Method: POST
   Authorization: None
   Body (form-data):
   {
     client_id: "my_client_id",
     client_secret: "my_client_secret",
     redirect_uri: "https://www.getpostman.com/oauth2/callback",
     code: "generated_code_from_api_console",
     grant_type: "authorization_code"
   }
   

   Response:

   {
     "access_token": "1000.xxxxxx.yyyyyy",
     "refresh_token": "1000.111111.222222",
     "scope": "ZohoCRM.modules.ALL",
     "api_domain": "https://www.zohoapis.in",
     "token_type": "Bearer",
     "expires_in": 3600
   }
   

4. Attempted to Upsert a Lead:

   Request:

   URL: https://www.zohoapis.in/crm/v7/Leads/upsert
   Method: POST
   Authorization: Zoho-oauthtoken 1000.xxxxxx.yyyyyy
   Body:
   {
     "data": [
       {
         "Email": "testuser@test.com",
         "Last_Name": "user",
         "First_Name": "test"
       }
     ],
     "duplicate_check_fields": ["Email"]
   }
   

   Response:

   {
     "code": "INVALID_TOKEN",
     "details": {},
     "message": "invalid oauth token",
     "status": "error"
   }
   

Notes:

• I've verified that both the token generation and API requests are using the .in domain.

• Tried this in both the production and sandbox environments:

  • Sandbox URL: https://sandbox.zohoapis.in/crm/v7/Leads/upsert

  • Same error persists in both environments.