Client Credentials
Hello everyone,
Welcome back to Kaizen.
In this post, we will discuss Client Credentials Flow and when it can be used.
What is Client Credentials Flow?
According to RFC6749, the official specification for the OAuth 2.0 authorization framework,
"The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client,or to protected resources previously arranged with the authorization server. Client credentials are used as an authorization grant typically when the client is acting on its own behalf (the client is also the resource owner) or is requesting access to protected resources based on an authorization previously arranged with the authorization server." |
For Zoho CRM APIs, the credentials used are client id and client secret.
When can Client Credential Flow be used?
The client credentials flow is appropriate for machine-to-machine communications in which the application does not need to act on behalf of a specific user as the program can authenticate using just their own credentials to receive an access token. Here the credentials are client id and client secret.
Compared to the flow of creating access tokens in the self client flow, the client credentials flow can be used to perform one-time tasks like one-time data migration or testing Zoho CRM API calls, etc. We recommend using self client or server-based authorization for integration purposes. The main benefit of the client credentials flow is the simplicity in creating an access token, requiring only the client ID, client secret, OAuth scopes, and SOID.
If you are a first time user of Zoho CRMs, you can get started with Zoho CRM APIs by using the client credentials flow for authorization. Head over to Zoho CRM API Collection where a Client Credentials sample is added. Make sure that you have the required request parameters available in your environment for a smooth setup.
How to obtain access token in client credentials flow?
To obtain an access token using the client credentials flow, make an API call to the following endpoint
{accounts_url}/oauth/v2/auth?client_id={client_id}&client_secret={client_secret}&grant_type=client_credentials&scope={scope}&soid={org_id_or_portal_id} |
Request Parameters
- grant_type: Enter the value as "client_credentials".
- client_id: Specify the client-id obtained from the connected app.
- client_secret: Specify client-secret obtained from the connected app.
- scope: Enter the corresponding scope for the resource you want to access from the user's account. Multiple scopes can be given in comma separated format.
- soid: Enter this parameter in the format ZohoCRM.{zsoid} where zsoid is the unique ID of your org or portal. If your application has multiple orgs or portals, the token created is bound to this org or portal. For example: ZohoCRM.600xxx46
Response
If successful, the response will look something like this:
{ "access_token": "1000.b2caxxxxx3c6", "scope": "ZohoCRM.org.ALL ZohoCRM.settings.ALL ZohoCRM.users.ALL ZohoCRM.templates.email.READ ZohoCRM.templates.inventory.READ ZohoCRM.modules.ALL", "api_domain": "https://www.zohoapis.com", "token_type": "Bearer", "expires_in": 3600 } |
Response Keys
- access_token: Access token to access ZohoCRM APIs.
- scope: The scope for the resource you want to access from the user's account that was provided in the parameters.
- api_domain: The domain for API requests, varies by environment (e.g., sandbox.zohoapis.{domain}).
- token_type: Type of token obtained. "Bearer" indicates this is an access token.
- expires_in: Time in seconds after which the access token expires.
This completes the authentication. Once your app receives the access token, send the token in your HTTP authorization header to Zoho CRM API with the value "Zoho-oauthtoken {access_token}" for each endpoint (for each request).
The response does not contain a refresh token. When an access token expires, make an API call to the same endpoint to get a new access token (if required).
We hope you found this post useful. We will meet you next week with another interesting topic!
If you have any questions, let us know in the comment section.
Cheers!
Previous Post: Kaizen #163 - Extension Widgets in Zoho CRM | Kaizen Collection: Directory | Help document link: Client Credentials
Access your files securely from anywhere
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Mable Mary M P
Sticky Posts
Kaizen#162 : Add Tags and Open Pre-filled Email Drafts via Client Scripts
Hello everyone! Welcome to another informative Kaizen post. In this post, let us see how to accomplish the following using Client Script. 1. How to auto-tag a record based on field update? 2. How to Open a pre-filled email draft This post will provideClient Script | Update - Introducing Commands in Client Script!
Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! CommandsExtension Pointers - JS SDK series #4: Managing data from a widget using ZOHO.CRM.HTTP
Handling and managing the data between two applications is a major factor for an efficient business. There are a variety of ways to handle data between Zoho CRM and other third-party applications. You can use deluge CRM tasks, create connectors, use APIKaizen #152 - Client Script Support for the new Canvas Record Forms
Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achievedExtension pointers for integrating Zoho CRM with Zoho products #8: Upload and manage Zoho Workdrive folders and files from within Zoho CRM
Keeping records on your customers and business prospects is essential for tracking data, conducting follow-ups, and running a business smoothly. When you use two separate applications, and store relevant data in each, checking and tracking data becomes
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho DataPrep Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho Campaigns Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー