Kaizen #79 - OAuth2.0 - A Recap and FAQs

Hello everyone!
Welcome to another week of Kaizen!
Today, we will address a few frequently asked questions about OAuth2.0, covering token generation, scopes, errors, and so on.
If you have any other questions, let us know in the comment section. We will offer solutions and add them to this list.
Before we move on to common errors and their solutions, let us look at generating grant, access and refresh tokens for a client.

1. Creating a client

You must register your client on the API console to request access to users' resources. This client must handle authenticating itself to the authorization server and requesting an access token to access the users' resources.
Here is an example for creating a client for a server-based application.


2. Setting up an environment in Postman

  1. On the sidebar, click Environments > + icon.
  2. Enter a name for your environment.
  3. Create the following variables. We will fill in their values as we go along.
    ->client-id (obtained after registering the client)
    ->client-secret (obtained after registering the client)
    ->redirect-uri (given at the time of registering the client)
    ->accounts-url
    ->access-token
    ->refresh-token
    ->api-domain
    ->expiry-time
  4. Select Save to save any environment variables you have added.


3. Generating the authorization code (grant token)

The authorization code flow is often used when the client is a web application running on a server. This flow uses a server-side redirect URI to receive the authorization code and adds a layer of security, rather than relying on a client-side redirect URI.

What do you need?

  • client ID - obtained after registering the client.
  • scopes - to get consent from the users to use their data. See the available scopes here.
  • response_type - the value "code", as we are requesting an authorization code.
  • access_type - online or offline (offline to get a refresh token along with an access token, later).

What will you get?

  • code - a one-time grant token that you will use to generate access and refresh tokens.
  • accounts-server - the Zoho accounts URL that you will use to generate access and refresh tokens. This is the variable accounts-url in Postman.
  • location - the API domain from which you must make API calls to access data. This is the variable api-domain in Postman.
Tip:
If you do not have an application yet but want to test this flow, copy and paste the following URL into your browser with valid values for the various parameters.
You will receive the grant token as a value to the key "code" in the redirect URL you specified while registering the client.

Here is a GIF of this process.


Self-client

Use this option if your application does not have a domain and a redirect URL.
You can also use this when your application is a standalone server-side application performing a back-end job like data sync.


4. Generating access and refresh tokens from the grant token

Access tokens allow the application to access users' data from the resource server. Each access token is valid for an hour, after which you must use the refresh token to generate a new access token.

Note
Each access token is bound to the scope you specified while generating the grant token, i.e., if the scope while generating the grant token was ZohoCRM.modules.READ, you can only get data from all the modules but cannot update, create, or delete data.

What do you need to generate access and refresh tokens?

  • client_id - obtained while registering the client
  • client_secret - obtained while registering the client
  • redirect_uri - specified while registering the client
  • code - the grant token you generated in the previous step
  • grant_type - the value authorization_code

What will you get?

  • access token - the token to access users' data. Valid for an hour.
  • refresh token - the token to generate a new access token for the same scope. Does not expire until it is revoked or until the 21st refresh token is created.
  • scope - the scope for which these tokens are generated.
  • API domain - the domain to which you must make API calls to access data.
  • expiry time in seconds and milliseconds - the time after which the access token expires in seconds and milliseconds. You can use this data to programmatically refresh the access token before it expires for continued access to data.
Here is how it works.


Tip:
When you use our API collection, the request to generate access and refresh tokens comes with a script that automatically updates the values of variables in your environment.


FAQs

1. Validity

  • Grant token - Two minutes; one-time use only.
  • Access token - One hour.
  • Refresh token - does not expire until it is revoked or a 21st refresh token is created.

2. Token Limit

  • Grant token - Ten grant tokens in a span of ten minutes.
  • Access token - Ten access tokens in a span of ten minutes. When you generate the 11th token, the first-created one will be deleted automatically.
  • Refresh token - Ten refresh tokens in a span of ten minutes. You can have a maximum of 20 refresh tokens. When you create a 21st refresh token, the first-created one will be deleted.
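
The expiry time returned in step 4 and the access-token limit above can be combined in one shared token cache. This is an added example, not code from the original post or from Zoho: `AccessTokenCache`, the `refresh` callable (a stand-in for the refresh-token request), the `expires_in` key name and the five-minute margin are assumptions, and refusing to mint an 11th token inside ten minutes is this example's policy so that a token still in use is not deleted.

```python
import threading
import time
from collections import deque

ACCESS_TOKEN_LIFETIME = 3600   # seconds; the post: an access token is valid for an hour
WINDOW_SECONDS = 600           # the post: ten access tokens in a span of ten minutes
MAX_TOKENS_PER_WINDOW = 10
REFRESH_MARGIN = 300           # assumption: renew five minutes before expiry


class TokenBudgetExceeded(RuntimeError):
    """Minting another token now would be the 11th inside ten minutes."""


class AccessTokenCache:
    """Hands out one shared access token and renews it shortly before expiry.

    `refresh` is a hypothetical callable that performs the refresh-token request
    and returns a dict with "access_token" and "expires_in" (seconds; assumed key).
    """

    def __init__(self, refresh, clock=time.monotonic, margin=REFRESH_MARGIN):
        self._refresh = refresh
        self._clock = clock
        self._margin = margin
        self._lock = threading.Lock()   # one renewal at a time across threads
        self._token = None
        self._expires_at = 0.0
        self._issued = deque()          # mint times inside the current window

    def invalidate(self):
        """Call when the API answers invalid_oauth_token for the cached token."""
        with self._lock:
            self._token = None

    def get(self):
        with self._lock:
            now = self._clock()
            if self._token is not None and now < self._expires_at - self._margin:
                return self._token      # still valid: reuse, do not mint
            while self._issued and now - self._issued[0] >= WINDOW_SECONDS:
                self._issued.popleft()  # forget mints older than ten minutes
            if len(self._issued) >= MAX_TOKENS_PER_WINDOW:
                raise TokenBudgetExceeded(
                    "refusing to mint an 11th access token within ten minutes")
            reply = self._refresh()
            self._issued.append(now)
            self._token = reply["access_token"]
            lifetime = float(reply.get("expires_in", ACCESS_TOKEN_LIFETIME))
            self._expires_at = now + lifetime
            return self._token


def simulate():
    """Drive the cache with a constructed clock and a fake refresh call."""
    clock = [0.0]
    minted = []

    def fake_refresh():                 # constructed reply, no network involved
        minted.append(f"token-{len(minted) + 1}")
        return {"access_token": minted[-1], "expires_in": 3600}

    cache = AccessTokenCache(fake_refresh, clock=lambda: clock[0])
    first = cache.get()                 # t=0: first token is minted
    clock[0] = 3000.0
    reused = cache.get()                # t=3000: before the margin, same token
    clock[0] = 3400.0
    renewed = cache.get()               # t=3400: inside the margin, renewed

    blocked = False
    try:                                # a retry loop that keeps invalidating
        for _ in range(20):
            cache.invalidate()
            cache.get()
    except TokenBudgetExceeded:
        blocked = True
    return first, reused, renewed, len(minted), blocked


if __name__ == "__main__":
    print(simulate())
```
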
The following are a few common errors you may face while generating tokens.

| Error | Cause | Solution |
|---|---|---|
| invalid_oauth_token | The access token is either invalid or has expired. | Use the right access token or generate a new one from the refresh token. |
| invalid_scope | The scope you have used is invalid. | Refer to Scopes for the list of available scopes. |
| invalid_code | The authorization code (grant token) is invalid or has expired. | Grant token is valid only for two minutes. Use a grant token to generate access and refresh tokens within this time. Generate a new grant token if you face this error. |
| invalid_redirect_uri | The redirect URI you have given in the API console is invalid. | Specify a valid redirect URI to be able to receive a grant token. |
| invalid_client | Either the client ID or client secret is invalid. | Specify valid client ID and secret while making authorization calls. The API console has the client ID and secret. |
| invalid_response_type | The value of the "response_type" key is invalid. | While generating access and refresh tokens from the grant token, the value of the "response_type" key must always be "code". |

Multi-DC

Zoho CRM is hosted at multiple data centers to comply with the privacy and data protection laws of various countries.
So, if your application is in the US DC but wants to use the data of users in the EU DC, you must enable multi-DC while registering your client.

The various domains and their respective accounts URLs are:

How do you ascertain the domain?

When you generate the grant token, the parameter location gives you the DC that the data is located in.
Similarly, when you generate the access and refresh tokens, the key api_domain gives you the domain-specific API URL.
For example, if you want to get the data of leads from EU, the API URL must be https://www.zohoapis.eu/crm/v4/Leads
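
Because the accounts URL for the token request arrives as the accounts-server parameter of the redirect, a server-side client should check it before posting its client secret there. The following is an added example, not code from the original post or from Zoho: it parses the redirect from step 3, accepts accounts-server only from an allowlist, and builds the step 4 request without sending it. The allowlist (US and EU only), the `/oauth/v2/token` path, sending the fields in the POST body, the function names and the sample callback URLs are assumptions or constructed values.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: partial allowlist covering only the US and EU data centers named in
# this post; extend it from Zoho's multi-DC documentation for the DCs you enable.
TRUSTED_ACCOUNTS_SERVERS = {"https://accounts.zoho.com", "https://accounts.zoho.eu"}
TOKEN_PATH = "/oauth/v2/token"  # assumed token endpoint path on the accounts URL

# Constructed sample values, not real credentials or real redirects.
REGISTERED_REDIRECT_URI = "https://app.example.com/oauth/callback"
SAMPLE_CALLBACK = (REGISTERED_REDIRECT_URI
                   + "?code=1000.constructed-grant-token&location=eu"
                   + "&accounts-server=https%3A%2F%2Faccounts.zoho.eu")
# Constructed callback whose accounts-server is not a Zoho accounts host.
UNTRUSTED_CALLBACK = (REGISTERED_REDIRECT_URI
                      + "?code=1000.constructed-grant-token&location=eu"
                      + "&accounts-server=https%3A%2F%2Faccounts.zoho.eu.example.net")


class CallbackError(ValueError):
    """The redirect did not carry a usable, trustworthy set of parameters."""


def _single(query, name):
    """Return the only value of a query parameter; reject missing or repeated ones."""
    values = query.get(name, [])
    if len(values) != 1 or not values[0]:
        raise CallbackError(f"expected exactly one non-empty {name!r} parameter")
    return values[0]


def _trusted_accounts_url(value):
    """Accept accounts-server only if it is a bare https origin on the allowlist."""
    try:
        url = urlsplit(value)
        extras = (url.username, url.password, url.port, url.query, url.fragment)
    except ValueError as exc:           # malformed port or host literal
        raise CallbackError("accounts-server is not a valid URL") from exc
    origin = f"{url.scheme}://{url.hostname}"
    if (any(extras) or url.path not in ("", "/")
            or origin not in TRUSTED_ACCOUNTS_SERVERS):
        raise CallbackError(f"untrusted accounts-server: {value!r}")
    return origin


def parse_callback(callback_url, registered_redirect_uri):
    """Extract code, location and accounts-server from the redirect of step 3."""
    got, want = urlsplit(callback_url), urlsplit(registered_redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise CallbackError("callback did not arrive on the registered redirect URI")
    query = parse_qs(got.query, keep_blank_values=True)
    return {
        "code": _single(query, "code"),
        "location": _single(query, "location"),
        "accounts_url": _trusted_accounts_url(_single(query, "accounts-server")),
    }


def build_token_request(callback, client_id, client_secret, redirect_uri):
    """Describe the POST that exchanges the grant token; nothing is sent here."""
    return {
        "method": "POST",
        "url": callback["accounts_url"] + TOKEN_PATH,
        # Form fields in the body keep client_secret out of URL and proxy logs.
        "data": {
            "grant_type": "authorization_code",
            "client_id": client_id,
            "client_secret": client_secret,
            "redirect_uri": redirect_uri,
            "code": callback["code"],
        },
    }


if __name__ == "__main__":
    cb = parse_callback(SAMPLE_CALLBACK, REGISTERED_REDIRECT_URI)
    req = build_token_request(cb, "constructed-client-id", "constructed-secret",
                              REGISTERED_REDIRECT_URI)
    print(req["method"], req["url"], sorted(req["data"]))
    try:
        parse_callback(UNTRUSTED_CALLBACK, REGISTERED_REDIRECT_URI)
    except CallbackError as err:
        print("rejected:", err)
```
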

We hope you found this post useful. We will meet you next week with another interesting topic.

Let us know your questions in the comment section or write to us at support@zohocrm.com.

Cheers!
Shylaja
