Kaizen #2 - OAuth2.0 and Self Client #API
Hi everyone!
Welcome back to another week of Kaizen!
In this post, we will shed some light on the OAuth2.0 protocol and how you can use Zoho's Self Client option to authenticate your application and generate the tokens.
What is OAuth2.0?
OAuth 2.0 is an industry standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.
Why should we use OAuth2.0?
- Clients are not required to support password authentication or store user credentials.
- Clients gain delegated access, i.e., access only to resources authenticated by the user.
- Users can revoke client's delegated access anytime.
- OAuth access tokens expire after a set time. If the client faces a security breach, user data will be compromised only until the access token is valid.
To use the Zoho CRM APIs, you must authenticate the application to make API calls on your behalf with an access token.
The access token, in return, must be obtained from a grant token (authorization code).
Zoho CRM APIs use the authorization code grant type to provide access to protected resources.
In this type,
- The web application redirects the user to the OAuth server.
- The user sees the authorization prompt and approves the app's request as shown in the below image.
- The user is redirected back to the application with an authorization code in the query string.
- The application exchanges the authorization code for an access token.
As you can see, this involves user intervention while authorizing your application.
When should you use Self Client?
If your application is a stand-alone application that performs only back-end jobs like data-sync(without any manual intervention), you cannot use this authorization code flow.
In the below example image, the data sync happens between Zoho CRM and your legacy Product Management system. So, it is perfect to use the Self Client option as it does not need an UI for this type of application. Using this flow, you can generate the grant token, access, and refresh tokens.
How to use Self Client?
2. Choose Self Client from the list of client types.
3. Click Create on the Create New Client page and click OK in the pop up to enable a self client for your account.
4. Now, your client ID and secret is displayed under the Client Secret tab.
5. Click the Generate Code tab to generate the Grant token.
The grant token is a temporary token generated by the authorization server (Zoho CRM, here) to generate access and refresh tokens.Before generating the grant token, you must decide the scope you need. Scope decide the level of access a client can have to a resource.
Refer to our list of scopes, for more details.a. Click the Generate Code tab and enter the required scope separated by commas.
b. Select the Time Duration for which the grant token is valid. Please note that after this time, the grant token expires.c. Enter a description and click Generate.d. The generated code for the specified scope is displayed. Copy the grant token.e. Please note that generating grant token is a one-time process, provided you generate the access and refresh tokens within the time the grant token is valid for.
6. Generate the Access and Refresh tokens using Postman or any REST client.
a. Open Postman."{{accounts-domain}}/oauth/v2/token"{{accounts-domain}} is the domain-specific URL in which you registered your client.c. Pass the below keys and their values in the body of the request.
d. Hit Send. The access and refresh tokens are displayed in the response.
e. The access token is valid for an hour from generation.
f. The refresh token does not expire. You can use this to refresh your access token when they expire.
Quick tip: Enter all the required keys and values in Postman before you generate the token. This way, you will only have to paste the grant token after its generation, thereby reducing the risk of its expiration before you generate the tokens.
7. Store the access and refresh tokens and use the access token when you make API calls.
8. Write a script that will call the below token refresh URL before the time the access token expires.
"{{accounts-domain}}/oauth/v2/token?client_id={{client_id}}&client_secret={[client_secret}}&refresh_token={{generated_refresh_token}}&grant_type=refresh_token"
Other useful links:
We will meet you next week with another exciting topic!
Cheers!
Access your files securely from anywhere
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Shylaja S
alexb
Praveen Sankar
Vyas
martin wheeler
Sticky Posts
Client Script | Update - Introducing Commands in Client Script!
Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! CommandsKaizen #165 : How to call Zoho CRM APIs using Client Script
Welcome back to another exciting Client Script post! In this post, we will discuss one of the most frequently asked questions: How do you call Zoho CRM APIs from Client Scripts? In this kaizen post, 1. Ways to make calls to Zoho CRM APIs using ClientKaizen#162 : Add Tags and Open Pre-filled Email Drafts via Client Scripts
Hello everyone! Welcome to another informative Kaizen post. In this post, let us see how to accomplish the following using Client Script. 1. How to auto-tag a record based on field update? 2. How to Open a pre-filled email draft This post will provideExtension Pointers - JS SDK series #4: Managing data from a widget using ZOHO.CRM.HTTP
Handling and managing the data between two applications is a major factor for an efficient business. There are a variety of ways to handle data between Zoho CRM and other third-party applications. You can use deluge CRM tasks, create connectors, use APIKaizen #152 - Client Script Support for the new Canvas Record Forms
Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achieved
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho DataPrep Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho Campaigns Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Segmenting Contacts Based on Product Purchased
I am trying to organize our main Marketing Automation email list in a way that segments contacts based on products they have purchased (for example in this case it is 3 different products). To my knowledge, this would require the sync from Zoho CRM toUrgent Assistance Needed with DKIM Verification
Hi, I have been trying to verify the DKIM for the past month using your instructions as well as other resources. Unfortunately, I have not been able to resolve the issue, and it remains persistent. I need to address this problem as soon as possible soHow do I attach tasks from one task to other tasks in the same project
How do I attach tasks from one task to other tasks in the same projectIncorrect Handling of XLSX data
Trying to import an XLSX schedule of bills into Zoho Books I ran across the problem of date formatting. To replicate: Build a CSV file with bill dates in whatever format you like and import it - this should work if you match the "dd/MM/yyy" etc. formatZoho Books Invoice Salesperson: requires ID but there is no "Fetch salesperson" action
Hi, I am trying to attach a Salesperson to a Zoho Books invoice. In Zoho Flow, the salesperson field required an ID. However, I only have the salesperson name, I need to fetch salesperson by name and then provide the ID. There is no option to fetch salesperson...Change format of quantity format
Hi, I would like to change the qunatity format from 1,00 to 1. Is this possible? thanks!Ticket Views: filter criteria -> dynamic date values in relation to the current date
Hello all, It would be very helpful if you could build custom views in such a way that you do not have to adjust the criteria daily or at whatever interval in order to change the fixed date value as needed. For example, I would like to create a view that,Captchas: No support for Google reCAPTCHA or similar
Hi all, The current captcha integrated into Creator is very basic, and often near-impossible to read. I'm building an app for a charity which includes a couple of public-facing forms, and this is a real issue for people with dyslexia and related conditions - it's effectively excluding them if you want any form of spam protection at all on your published forms (and that being said, the current captcha doesn't even seem very effective - bots can often read it more easily than humans). I've raised thisMaintain consistency in ticket responses with shared snippets
Hello everyone! We are excited to announce that our highly anticipated snippet sharing feature is now available to all users. As you know, snippets are pre-defined message templates, or canned messages, that help agents respond to tickets with efficiency.Tickets - Zoho Desk
Hi Team, My Clients need to see their tickets created and the status of the ticket in the Zoho Support Desk itself. How can I do this? My Client doesn't have a Zoho Account. They need to access the ticket by the provided link without signing in.Automatically assign Contacts to Account owners
Hi, I have a finite number of accounts set up in the CRM, and each new contact that comes in is automatically assigned to an Account according to a rule I set up. I want the Contact owner in the Contacts module to be assigned to the relevant Account owner.Making Copies/Duplicates of Zoho Forms (Shared)
Question to the community: is there a way to take a 'shared form' , make a duplicate copy and save under My Forms, so that i can use that which was already created as a template to make updates to and use as a test form and be able to have full access,Using IMAP configuration for shared email inboxes
Our customer service team utilizes shared email boxes to allow multiple people to view and handle incoming customer requests. For example, the customer sends an email to info@xxxx.com and multiple people can view it and handle the request. How can I configureCan you help us creating a customised form with payment link?
I would like to create a customised Transport form where the user will be asked to make payment basis the drop/ pick up they select.Deleting or disabeling predefined ticket list views
Is it possible to delete or disable predefined views or is this still not possible? For instance, we are not using the chat function and therefore have no use for the "Missed Chats" view. Thanks!Email an Invoice from API
When calling the API to email an invoice, it seems it does not actually send it. Below is a screen shot where I used an API call for the bottom record, and it updated its' status to "Due Today", but no email was actually sent. The top record, I hit theUnable to load your extension. Please check your plugin-manifest or Resources.json.
Hi Team, I am using the config module with multiple fields of different types, such as checkboxes and picklists. However, I am encountering the following issues: Error Message: When loading the extension, I get the error: "Unable to load your extension.Layout Rules / Quick create
Hello, is there a way to create a layout rule for quick create option? Regards, KatarzynaIssue with Create Note Button and Popup Form in Leads Module
Hello Zoho Community, I am trying to implement a "Create Note" button in the Leads module with the following functionality: 1. When the button is clicked, a form should pop up with fields to add notes. 2. After filling out the form and clicking Send,Finding draft ticket replies
Is there a way to see all tickets which have draft replies?Guidance on Making Zoho Desk Connections Available for All Data Centers
Hi Team, I’m currently developing an application using Zoho Desk connections to manage OAuth for my third-party products. Could you please advise on the steps required to make it available across all data centers? Looking forward to your thoughts onAble to change project on timelog entries
Ability to move the timesheet entry from one project to another. When a user adds a wrong entry a manager can change/update the timesheet entry to the correct project.Caso de Uso | Menos trámites, más salud: Clínicum optimiza sus recursos con Zoho One
"La automatización del proceso de solicitud de bajas y su trazabilidad a través de Zoho nos ha supuesto una mejora en el ROI." - Carol Rodríguez, Responsable de Experiencia del Cliente interno y externo en Clínicum ¡Hola a todos! Estamos emocionados deHow do I stop getting notified about upgrading to Upgrade now and save big!
How do I stop getting notified about upgrading to Upgrade now and save big! There is no way to clear this notification, and EVERY Day I get alerted to upgrade, but there is no permanent way to dismiss this alert! How can I permanently dismiss this aDouble opt-in notifications and customizable confirmation messages for your webforms
Dear CRM Community, We are excited to announce a major upgrade to our Webforms feature. You can now customize the confirmation message shown to your users who double opt-in from your webform and also customize your confirmation emails when they submitBulk create tasks - Zoho Projects API
Hi Zoho/Community, I am trying to create multiple tasks in a single API call, is there a way we can combine multiple request bodies into one single payload? The issue I am facing is the rate limiting on the API, I wanted to create certain amount of tasksTask Due dates and Reminder Date & Time
I like to have a reminder on many tasks in Zoho Recruit. I find the process cumbersome in that each task requires the following: 1. click and select due date 2. Click the reminder box 3. Click on (Reminder) Start Date 4. Click on (Reminder )Time If oneUnable to Access Admin Console and Email Sending Issues
Hello Zoho Support Team and Community, I hope this post finds you well. I am currently facing two significant issues with Zoho services: Admin Console Access Issue: Every time I try to access the Zoho Admin Console, it gets stuck on the loading screenTracking new lead response time
Hi, I have a team of Sales Development Reps, who have a KPI of responding to a lead within 20 mins or less once it hits the system. I seem to recall that Zoho CRM had the capability to track this in a previous version, but don't see it anywhere. It'sGetting The Following Error.. 550 5.4.6 Unusual sending activity detected
I just launched a marketing campaign and I got this error. Everything was working fine previously. This is a big launch so need to fix it asap. Can anyone help?Printing on 80mm bluetooth Pos Printer
Hello. I am trying to print receipts and invoices using my 80mm bluetooth connectivity Pos printer. I have configured the Templates to Retail so that it matches the paper width of the Pos printer. However, when I click Print in zoho, first it opens theTrying to integrate gmail but google keeps blocking Zoho access for integration??
hi i am trying to integrate a gmail account so can track/access business emails this way. I have followed the instructions but after selecting my email account it gets re-routed to this message (screengrab below) Can anyone advise a way around this orWhich attribute in Zoho books invoice api represent branch attached to the invoice?
Hi Zoho Team, We have done the integration with Zoho Books API. While fetching data from Invoice API we want to get branch value attached to the invoice. We could not figure out which field in "Get an Invoice" api represents branch value attribute. ThanksHow to Billed from two different GST Numbers
How to Billed from two different GST Numbers. Suppose ABC & Co had GST registration in Delhi and Haryana and Zoho account is created with Delhi GST Registration number. Now i also want to issue invoice from Haryana GST Registration number. How can i proceed ?How to hide Predefined views
Hi, I would like to know how to hide: Predefined views and Recent views or some records from this list. If I'm using it form iPad I have to scroll to see User created views. Or maybe it's possibility to move User created views on the top. All the best,Deleting Views
How do you delete views? Please sydFixed Assets
Where would I manage my fixed assetsReport on Assets
Hi, Is it possible to report purchased assets on a specific year? The Balance Sheet shows everything up to the current date, and the expense reports will not show purchased assets because they are assets not expenses. If it is not possible, then is it possible to setup an API connection with Books to extract data from to another Reporting application?Purchase of Fixed Assets
How can I record the purchase of assets using zoho books? For example, I purchased 4 laptop for 100000 $ each and paid it through my bank account. How can I record this transaction and maintain track of how much of the assets I bought?Where is the Fixed Asset Register?
I am a Zoho One user for 18 months, using invoicing and CRM and now ready to migrate my books to Zoho Books. Where do I keep the fixed asset register for the equipment that I use in my business? I have a service based business with a lot of gear and businessNext Page