Hello Everyone!
What you will learn from this post?
If you want to integrate your web application with Zoho CRM, this post will help you understand how to handle multiple domains for your application.
1. Handling multiple domains for web-based clients
1a. Web-Based Clients
As we all know, in a web-based client, your application is used by multiple users from different domains and environments.
1b. Role of domains while registering client
Zoho CRM is hosted at multiple data centers. Therefore, the URL with which you make API calls also depends on the data center. This makes integration simpler. The following are the different domains available.
a. Europe (.eu)
b. Australia (.com.au)
c. India (.in)
d. US (.com)
e. China (.com.cn)
While registering your client, use your domain-specific Zoho Accounts URL.
Enabling Multi DC for your web-based client
After registering your client, you can enable Multi DC in the settings tab.
With this option, you can decide users from which domain can access the web application.
You can see in the above screenshot that users from Europe, Australia, and India can access the application.
Ideally, the client ID remains the same, and the client secret differs from one DC to another. You can also choose to have the same client secret across multiple domains based on your business needs.
1c. Role of domains while authorizing your web-based client
For web-based clients, you must use the redirection-based code generation. In this method, the users authorize the application, and the application receives the grant token (code) as a parameter in the redirect URI.
You must make the authorization request using https://accounts.zoho.com for all the domains except China. After the request is successful, the system automatically redirects the users to their corresponding domains.
How this works?
You must have a link or a button in your application, when clicked, redirects the users to the following authentication URL:
- Based on the user's login details, the system automatically detects the user's domain and uses the domain-specific authentication URL to obtain the grant token (code).
Consider a user from India, who is trying to access the application in the US. Even though the initial authentication was carried out in .com domain, based on the user's login credentials, the system redirects the user to .in domain, as shown in the screenshot.
- In this page, the user reviews the data access permissions, and can accept or reject the request.
When the user clicks Accept
- The browser redirects the user to the redirect_uri you specified during client registration.
- The application gets authorized. The grant token and the user's location are appended as parameters in the redirect_uri.
- A back-end script from your end needs to store the following details from the above URL.
- code={grant_token} - This is used to generate access and refresh tokens.
- location={domain} - This tells you the domain of the user from which you have to make API calls.
When the user clicks Reject
The browser redirects to the redirect URI with the parameter error=access_denied, and your application is denied access to the user's data in Zoho CRM.
Note:
The grant token is valid only for a minute.
Details you have gathered so far:
- Grant token
- User's location
1d. Role of domain while generating access and refresh token
From the previous section, you have the user's domain. You must use the domain-specific Zoho Accounts URL to generate the access and refresh tokens. The following are the various domains and their corresponding accounts URLs.
- Use these domain-specific Zoho Accounts URL to generate the access and refresh tokens.
- To get the current user details, make the following API call.
{{api-domain-URL}}/crm/v2/users?type=CurrentUser - You will receive the current user details in the response.
Details you have gathered so far:
- Grant token
- User's domain
- Current user details
- Accounts domain
- Access token
- Refresh token
- Expires_in
2. Environments in Zoho CRM
In our last post, we discussed different environments in Zoho CRM.
The user may want to integrate Zoho CRM for any environment(Production, Sandbox, Developer) in the application. You must get this information as input from a page in your application. For instance, you can have a page that lists the available environments, and ask the user to choose one.
You can then make API calls using the below URLs.
Store these details in your application DB, and use them when you make API calls. For instance,
user_id
| access_token
| refresh_token
| expires_in
| domain
| accounts_domain
| Environment
|
694579958
| 1000.xxxx.446
| 1000.xxxx.a787
| 3600
| .com
| accounts.zoho.com
| sandbox
|
698599774
| 1000.xxxx.59d
| 1000.xxxx.a98b
| 3600
| .in
| accounts.zoho.in
| production
|
.
| .
| .
| .
| .
| .
| .
|
.
| .
| .
| .
| .
| .
| .
|
.
| .
| .
| .
| .
| .
| .
|
If the environment is not specified, all the changes are reflected in the production environment.
We hope you found this post useful. Keep a tab on this series for more exciting topics!
Reach out to us at support@zohocrm.com if you have any questions, or let us know in the comment section.
We will meet you next week with another useful topic.
Cheers!