Kaizen 116 - Client Types in Zoho API Console
Hello everyone!
Welcome back to another post in the Kaizen series!
This week, we will discuss different client types available in Zoho API Console, and when to use each.
When you register an app in Zoho API Console, you typically choose a client type based on how your application interacts with Zoho services.
Let us discuss the available client types and how authorization is handled for each.
Available client types
- Server-based
- Client-based
- Self client
- Non-browser-based
- Mobile-based
1. Server-based
If you have a web-based application that runs on a dedicated HTTP server and interacts with Zoho services by calling Zoho APIs via that server, you must register your app with this client type.
This client type is for applications that redirect the users to another URL on a web browser to authorize themselves, where they give consent to your application to use their data.
In other words, you must use this client type when you have a front-end web UI and require user intervention before your app can access user data via the dedicated server.
Consider that you are developing a web-based custom application. Users authorize that app via browser to allow their Zoho CRM data to be accessed and used by that application.
During the registration process in Zoho API Console, you would choose the "Web-based" client type.
OAuth 2.0 would be used for user authentication, allowing your app to securely access and interact with Zoho CRM data on behalf of the users.
Here is a gist of what happens:
- Users visit your website where you have the Login with Zoho button.
- When a user clicks it, that user will be redirected to accounts.zoho.com with the details of your app such as client ID, scope, redirect uri, access type as the URL parameters.
- Your app must make an API call to Zoho Accounts with the client ID, scope, redirect uri, and access type. Users are shown the data that your application wants to use.
- When users give their consent, Zoho redirects them back to your app.This will be the "Redirect URL" you give while registering your app.
- The redirect URL will have the authorization code(grant token) as one of the parameters, along with the location(user's domain).
- Your app must then make API calls from your web server to Zoho Accounts to generate access and refresh tokens with the generated grant token.
- You must store these tokens in your DB to access that user's data in Zoho CRM. While making API calls, you must send this access token in the header.
- Your app must also have the logic to regenerate access tokens from refresh tokens when the access token expires.
Note that your app must take care of storing user's details like email, organization ID, and tokens.
The following image shows the protocol flow.
You can use any of our server-side SDKs to simplify this process.
When you use our SDK, all you have to do is, generate the grant token and initialize the SDK with the client details and this token. The SDK takes care of access token generation, refreshing it, and token storage.
Refer to these older Kaizen posts on Integrating a third-party app using Java SDK and Java SDK for Self Client.
For more details, you can refer to the Accounts guide and CRM help doc.
2. Client-based applications
This client type is for applications that do not have a server and run exclusively on a web browser.
This is also called the Implicit flow as your app makes API calls to Zoho only when users are using your app.
This type of application loads data dynamically on the webpage, and accesses Zoho CRM data by making API calls via Javascript.
Consider the same example where there is a Login with Zoho button on your webpage.
Here is a gist of what happens when a user clicks it.
- Your app redirects the user to Zoho Accounts.
- Your app makes the authorization request with the client ID, redirect uri, scope, and response type as token.
- The user is shown the data that your webpage would use.
- When the user gives consent, Zoho Accounts sends the access token to the redirect uri as a parameter, along with the expiry time and the location of user's data in Zoho's accounts server.
- You can include the "email" in your scope parameter in the access token request to get user's information. The response will have a parameter called id_token that will be in the header.payload.signature format. You need to decrypt the payload section of the parameter using the base-64 decryption algorithm to get user information.
- Your app must then make API calls to Zoho with this access token to fetch data.
- When the access token expires, your app must take care of regeneration and storage.
As the API calls are made from your domain to a different domain(zohoapis.com), for security reasons, the browser will throw the CORS error. So, your domain will be registered while registering your app, and Zoho will know to allow the API calls made from that domain.
As the tokens are available on the browser itself, we recommend handling them with care.
When you use our client-side JS SDK, it automatically generates a new access token upon expiry.
3. Self Client Applications
When your application does not have a redirect URL or a UI, but performs only a backend job, and does not need user intervention, then you must choose this client type.
A self client is often used when the application and Zoho services are operated by the same entity, and you want to enable secure communication between them. For example, you have an internal reporting tool and integrate it with Zoho Analytics. In this case, both the tool and Zoho Analytics are operated by the same entity.
Similarly, consider that you have a legacy product management system and want to perform data sync between Zoho CRM and the system, then you must use the self client.
Here is a gist of what happens.
- You register your app as self client in Zoho API Console.
- You will get the client details such as ID and secret.
- You provide the scopes required for your app to access CRM data.
- You will receive the grant token.
- Your app must then make API calls to Zoho Accounts to generate access and refresh tokens.
- Your app can then use this access token to make API calls to Zoho CRM and use data.
You can refer to our older Kaizen post on this topic for more details.
Note that self client apps can also use any of our server-side SDKs. As already said, the SDK takes care of access and refresh token generation, refreshing the access token, and token storage.
4. Non-browser applications
This client type is for devices that do not have a user agent such a web browser. A TV, for instance.
Let us consider an example involving a smart TV application that integrates with Zoho ShowTime. In this scenario, the smart TV application acts as a non-browser client.
Here is how authentication is handled:
- You must register your smart TV app in Zoho API Console with the type "Non-browser application".
- Users install a dedicated Zoho ShowTime application on their smart TVs.
- When users launch the Zoho ShowTime application on their smart TV, they are prompted to authenticate with their Zoho ShowTime account.
- When they successfully authenticate, Zoho Accounts sends the grant token to your app, along with the user-code, device-code and verification URL,The user must go to this verification URL on a browser and enter the user-code to grant permission to the app.
- Meanwhile, your app must poll the accounts server using the grant token to check if the token has been received.
- When the user enters the user code, Zoho Accounts sends the access token to your app.
- Your app can then use the access token to make API calls to Zoho. Your app must take care of token storage and renewals.
Here is the protocol flow. For more details, refer to this doc.
5. Mobile-based applications
You must use this client type when you have developed an app exclusively for mobile devices. The protocol flow is similar to server-based application where a browser session is required for the users to authenticate.
Similar to server-side apps, mobile apps also need to handle redirection, token generation and storage.
If you use any of our Mobile SDKs, the SDK itself handles token generation and storage.
We hope you found this post useful. Let us know your thoughts in the Comment section or write to us at support@zohocrm.com.
Cheers!
Access your files securely from anywhere
New to Zoho Recruit?
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Shylaja S
Piyush Dwivedi
Ishwarya SG
Onur Gulay - Smile Center Turkey®
Sticky Posts
Client Script | Update - Introducing Commands in Client Script!
Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! CommandsKaizen #165 : How to call Zoho CRM APIs using Client Script
Welcome back to another exciting Client Script post! In this post, we will discuss one of the most frequently asked questions: How do you call Zoho CRM APIs from Client Scripts? In this kaizen post, 1. Ways to make calls to Zoho CRM APIs using ClientKaizen#162 : Add Tags and Open Pre-filled Email Drafts via Client Scripts
Hello everyone! Welcome to another informative Kaizen post. In this post, let us see how to accomplish the following using Client Script. 1. How to auto-tag a record based on field update? 2. How to Open a pre-filled email draft This post will provideExtension Pointers - JS SDK series #4: Managing data from a widget using ZOHO.CRM.HTTP
Handling and managing the data between two applications is a major factor for an efficient business. There are a variety of ways to handle data between Zoho CRM and other third-party applications. You can use deluge CRM tasks, create connectors, use APIKaizen #152 - Client Script Support for the new Canvas Record Forms
Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achieved
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Issue with ticket replies via Slack: '+' symbols replacing spaces in emails
Hello, support team! We're experiencing an issue when replying to tickets directly through Slack. When the reply is sent to the email, spaces are being replaced by '+' symbols. This makes the message harder to read and understand. Is there any solutionAllow 2 logos for Branding, one for Light Mode and one for Dark Mode?
Our logo has a lot of black text on it. If we leave the background transparent, per recommendation of Zoho, when a user is viewing a file and turns on dark mode, our logo is not really visible and looks really weird. It would be really great if we couldZoho Creator Populate radio field with values with all the created rows subfor
I have Main Form where i have a lookup field where i get brewery names and the number of tanks as a multiline text field with a list of beer names Based Brewery selected and bbt_tanks number i create rows in the subform and now i want to populate listCurrency column showing $ symbol
Hello, I'm importing data from Zoho Projects to Zoho Analytics and I was wondering why "Budget amount" column is set in dollars even if the "Currency" column = EUR: Is there a way to get the budget amount as "EUR" + nnnnnn? Thank youAndroid notifications not working
I've set push notifications to 'on' in ZohoMail for android settings but nothing doing. Can anyone help? I do use a VPN.my clients are not receiving mails
Hi, My clients are not receiving my mails sent . may we know the reason My dns server and imap settings are perfectMúltiple Deals when converting a Lead
Hello!!! I hope someone can help me figure out the best way to handle this scenario. I have a multi-select field named “Service” in the Leads module that captures either Service A, Service B, or both. When converting a lead, Zoho CRM currently createszoho mail and crm is very slow
I have recently employed Zoho in our organisation. Even after taking high speed internet, mail and CRM takes many minutes to even load. Its really slow and faces lot of downtime.How to use if_case with expressions other than equals
I'm trying to define a formula column that implements logic like this case statement would: case when numfld1 is null then null when numfld2 > 0 then 100*numfld2 when numfld2 < 0 then numfld2 else 0.0 end In formula columns, the docs say you need to useZoho CRM's V8 APIs are here!
Hello everyone!!! We hope you are all doing well. Announcing Zoho CRM's V8 APIs! Packed with powerful new features to supercharge your developer experience. Let us take a look at what's new in V8 APIs: Get Related Records Count of a Record API: Ever wonderedCreate global project dashboard for all users
Would like to be able to create a custom dashboard for projects with certain widgets that are default for all new projects. right now, I have to modify each project dashboard per project per user. This is not practical.What's New in Zoho Inventory | January - March 2025
Hello users, We are back with exciting new enhancements in Zoho Inventory to make managing your inventory smoother than ever! Check out the latest features for the first quarter of 2025. Watch out for this space for even more updates. Email Insights forInline images are not shown on iPhone
When I add an image inline it gets displayed on a Zoho's computer software or web browser, but not on Zoho's iPhone app - the image appears to be broken and cannot be copied neither saved. What's the problem with displaying images inline when readingKaizen #186 : Client Script Support for Subforms
Hello everyone! Welcome back to another exciting Kaizen post on Client Script! In this edition, we’re taking a closer look at Client Script Support for Subforms with the help of the following scenario. " Zylker, a manufacturing company, uses the "Orders"Viewing Live data
Where can I see the live data that is sent from the device?Canvas templates can now be shared with different CRM organizations
----------------------------------------Moderated on 14th February, 2023------------------------------------------- Dear all, This feature is now open for all users in all DCs. To learn more about importing and exporting canvas templates, read our helpFormatting Mailing Labels
I want to use the "Print Mailing Labels" function on the drop down list, but I am not seeing a way to change the formatting on the mailing labels. At the moment, the information that appears on the mailing labels ARE NOT mailing addresses, but random information. I would also like to change be able to change the size of the labels. At the very least I would like to know what type of labels I can get that would be the correct size.CRM to Writer Mail Merge Preview not working
When performing a mail merge from CRM to writer the preview function does not work. I get the following error. I am a Zoho one user on a ChromeOS. I have been successfully using mail merge from CRM to Writer about 4 years. This error seemed to coincideBest practice : when to convert lead to Deal
Hello, I'm new to Zoho and run my own business. To make sure I'm using Zoho correctly, when do I press convert, from Lead to Deal, at what stage in the conversion funnel/conversation. I want to make sure I can a) monitor status of all pending lead orShow Call History During a Blueprint Transition in Leads Module
Hi all, I have a Blueprint set up in the Leads module with a transition to Reattempt Call, which updates the lead status to Attempted Contact. I’d like to know if there’s a way to show the call history or at least a summary of how many call attempts haveHow do I filter contacts by account parameters?
Need to filter a contact view according to account parameter, eg account type. Without this filter users are overwhelmed with irrelevant contacts. Workaround is to create a custom 'Contact Type' field but this unbearable duplicity as the information alreadyHow to delete more than 100 leads at a time.
We are a call center and we need to upload fresh leads daily. Is there any way to delete all leads only at once. Currently we are deleting 100 at a time. Please anyone who can help. Thank you.The Next Chapter for CRM for Everyone: Moving from Early Access to Phased Rollout for Customers
#CRM25Q1 Hello Everyone, Until now, CRM for Everyone has been available in early access mode exclusively for users who opted to try the new version. We are now transitioning to a phased release, starting with the basic edition. We are thrilled to announceCanvas for related lists
Hey, we would like to customize our related lists. For us, it would make more sense to present the data from an assigned record vertical instead of horizontal. Can we get a related list Canvas view?Standalone custom function not generating logs
Why dont't standalone custom functions generate logs when the're called from another function? I have some functions (workflow, buttons and blueprint) that have common parts, so I put that part in a standalone function which is called from the others.Show Zoho Books Retainer Invoice in Zoho CRM
Hi Support, How can I get Retainer Invoices created in Zoho Books to show in Zoho CRM? If a sales person needs to collect an upfront deposit, they should be able to see that the retainer invoice has been created and paid. Thanks, AshleyFeature Request - Zoho Books - Add Retainer Invoices to CRM/Books integration
Hi Books Team, My feature request is to include Retainer Invoices in the finance suite integration with Zoho CRM. This way we will be able to see if retainer invoices have been issued and paid. I have also noticed that when the generate retainer invoiceACR Phone mobile app for logging phone calls into Zoho CRM
ACR Phone is an Android app recording voice calls with additional features such as blacklist, cloud upload, call log and more. Use the ACR Phone extension for Zoho CRM to generate Leads and Contacts with the voice recording attached right after your phoneNew in Zoho Sign: Allow recipients to review and change associated recipients
Greetings! We are happy to announce the addition of a new recipient role, Manages recipients, in our signature workflows. This role enables a recipient to review, modify, or add details for any recipients associated with them in the workflow. This ensuresHow can I throw an error / terminate the flow from within a custom function?
As the subject says. I would like to be able to terminate a flow from within a custom function if certain conditions are not met. I know I could hook a decision box to the output of my custom function and check return variable, but hoping there is a moreMultiple Zoho Attendees in a Customer meeting
We are having constraints with having to log duplicate meetings when we have 2 Zoho users attending a customer meeting. What are the options to resolve this? You can add participants, but you cannot report on them. What can be done to avoid creating soiOS 18 is here! Discover the enhanced Bigin app with iOS 18, iPadOS 18 and macOS Sequoia.
Hello, everyone! We are excited to be back with new features and enhancements for the Bigin app. Let us take a look at the new iOS 18 and iPadOS 18 features. The following is the list of features covered in this update: Control widgets. New app icons.Multi-Select lookup field has reached its maximum??
Hi there, I want to create a multi-select lookup field in a module but I can't select the model I want the relationship to be with from the list. From the help page on this I see that you can only create a max of 2 relationships per module? Is that true?Password change restriction
Can the administrator restrict users from changing their email password?NOW Zoho Creator still cannot bulk download Image or File Upload Field
The filedownloader has been deprecated for 5 years. Until now, we still cannot have a replacement tool. How can we bulk download the file that we uploaded to Zoho Creator. Previously, it was so simple to bulk download all those files. But now failed toCRM API Search Record for Last Name equals "."
When using the CRM API to look for all contacts with a lastname = "." The API returns an Invalid Query Reponse I have tried (Last_Name:equals:.) (Last_Name:equals:%5C.) (Last_Name:equals:\.) We have a scenario where the Last Name may not be known forMS PowerApps Custom Connector
Has anyone successfully connected to the API from MS PowerApps? The OAuth2 seems impossible to use from a platform like this.Zdk-cli
As i have tried to login to zdk cli as it returns this error ✔ Success! Logged in as JAYANTHAN ✖ Error during initialization of zdk api supported only in sandbox environmentSe puede mover un Cliente de un modulo a otro personalizado
Hola, tengo una duda que me gustaría resolver: Actualmente trabajo con dos módulos: Seguimiento de Venta y Cierre de Ventas . Mi objetivo es que, cuando desde el módulo de Seguimiento se marca una venta como "Venta Efectiva" , el cliente sea movido alIts 2022, can our customers log into CRM on their mobiles? Zoho Response: Maybe Later
I am a long time Zoho CRM user. I have just started using the client portal feature. On the plus side I have found it very fast and very easy (for someone used to the CRM config) to set up a subset of module views that make a potentially extremely usefulNext Page