Kaizen #79 - OAuth2.0 - A Recap and FAQs
Hello everyone!
Welcome to another week of Kaizen!
Today, we will address a few frequently-asked questions about OAuth2.0 that include token generation, scopes, errors etc,.
If you have any other questions, let us know in the comment section. We will offer solutions and add them to this list.
Before we move on to common errors and their solutions, let us look at generating grant, access and refresh tokens for a client.
1. Creating a client
You must register your client on the API console to request access to users' resources. This client must handle authenticating itself to the authorization server and requesting an access token to access the users' resources.
Here is an example for creating a client for a server-based application.
2. Setting up an environment in Postman
- On the sidebar, click Environments > + icon.
- Enter a name for your environment.
- Create the following variables. We will fill in their values as we go along.
->client-id (obtained after registering the client)
->client-secret (obtained after registering the client)
->redirect-uri (given at the time of registering the client)
->accounts-url
->access-token
->refresh-token
->api-domain
->expiry-time - Select Save to save any environment variables you have added.
3. Generating the authorization code(grant token)
The authorization code flow is often used when the client is a web application running on a server. This flow uses a server-side redirect URI to receive the authorization code and adds a layer of security, rather than relying on a client-side redirect URI.
What do you need?
- client ID - obtained after registering the client.
- scopes - to get consent from the users to use their data. See the available scopes here.
- response_type - the value "code" as we are requesting for an authorization code.
- access_type - online or offline(to get a refresh token along with an access token, later).
What will you get?
- code - a one-time grant token that you will use to generate access and refresh tokens.
- accounts-server - the Zoho accounts URL that you will use to generate access and refresh tokens. This is the variable accounts-url in Postman.
- location - the API domain from which you must make API calls to access data. This is the variable api-domain in Postman.
Tip:
If you do not have an application, yet, but want to test this flow, copy-paste the following URL in your browser with valid values for the various parameters.
You will receive the grant token as a value to the key "code" in the redirect URL you specified while registering the client.
Here is a GIF of this process.
Self-client
Use this option if your application does not have a domain and a redirect URL.
You can also use this when your application is a standalone server-side application performing a back-end job like data sync.
4. Generating access and refresh tokens from the grant token
Access tokens allow the application to access user's data from the resource server. Each access token is valid for an hour, after which, you must use the refresh token to generate a new access token.
Note
Each access token is bound to the scope you specified while generating the grant token, i.e, if the scope while generating the grant token was ZohoCRM.modules.READ, you can only get data from all the modules but not update, create, or delete.
What do you need to generate access and refresh tokens?
- client_id - obtained while registering the client
- client_secret - obtained while registering the client
- redirect_uri - specified while registering the client
- code - the grant token you generated in the previous step
- grant_type - the value authorization_code
What will you get?
- access token - the token to access users' data. Valid for an hour.
- refresh token - the token to generate new access token for the same scope. Does not expire until it is revoked or till the 21st refresh token is created.
- scope - the scope for which these tokens are generated for.
- API domain - the domain to which you must make API calls to access data.
- expiry time in seconds and milliseconds - the time after which the access token expires in seconds and milliseconds. You can use this data to programmatically refresh the access token before it expires for continued access to data.
Here is how it works.
Tip:
When you use our API collection, the request to generate access and refresh tokens comes with a script that automatically updates the values of variables in your environment.
FAQs
1. Validity
- Grant token - Two minutes; one-time use only.
- Access token - One hour.
- Refresh token - does not expire until it is revoked or a 21st refresh token is created.
2. Token Limit
- Grant token - Ten grant tokens in a span of ten minutes.
- Access token - Ten access tokens in a span of ten minutes. When you generate the 11th token, the first-created one will be deleted, automatically.
- Refresh token - Ten refresh tokens in a span of ten minutes. You can have a maximum of 20 refresh tokens. When you create a 21st refresh token, the first-created one will be deleted.
The following are a few common errors you may face while generating tokens.
| Error | Cause | Solution |
invalid_oauth_token | The access token is either invalid or has expired. | Use the right access token or generate a new one from the refresh token. |
invalid_scope | The scope you have used is invalid. | Refer to Scopes for the list of available scopes. |
invalid_code | The authorization code(grant token) is invalid or has expired. | Grant token is valid only for two minutes. Use a grant token to generate access and refresh tokens within this time. Generate a new grant token if you face this error. |
invalid_redirect_uri | The redirect URI you have given in the API console is invalid. | Specify a valid redirect URI to be able to receive a grant token. |
invalid_client | Either the client ID or client secret is invalid. | Specify valid client ID and secret while making authorization calls. The API console has the client ID and secret. |
invalid_response_type | The value of the "response_type" key is invalid. | While generating access and refresh tokens from the grant token, the value of the "response_type" key must always be "code". |
Multi-DC
Zoho CRM is hosted at multiple data centers to comply with the privacy and data protection laws of various countries.
So, if your application is in the US DC but wants to use the data of users in the EU DC, you must enable multi-DC while registering your client.
The various domains and their respective accounts URLs are:
- US: https://accounts.zoho.com
- AU: https://accounts.zoho.com.au
- EU: https://accounts.zoho.eu
- IN: https://accounts.zoho.in
- CN: https://accounts.zoho.com.cn
- JP: https://accounts.zoho.jp
How do you ascertain the domain?
When you generate the grant token, the parameter location gives you the DC that the data is located in.
Similarly, when you generate the access and refresh tokens, the key api_domain gives you the domain-specific API URL.
For example, if you want to get the data of leads from EU, the API URL must be https://www.zohoapis.eu/crm/v4/Leads
We hope you found this post useful. We will meet you next week with another interesting topic.
Let us know your questions in the comment section or write to us at support@zohocrm.com.
Cheers!
Shylaja
Access your files securely from anywhere
New to Zoho Recruit?
Zoho Developer Community
New to Zoho LandingPage?
Zoho LandingPage Resources
New to Zoho Survey?
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Bigin?
Topic Participants
Shylaja S
David
Claire
Anu Abraham
Sticky Posts
Kaizen #152 - Client Script Support for the new Canvas Record Forms
Hello everyone! Have you ever wanted to trigger actions on click of a canvas button, icon, or text mandatory forms in Create/Edit and Clone Pages? Have you ever wanted to control how elements behave on the new Canvas Record Forms? This can be achievedKaizen #142: How to Navigate to Another Page in Zoho CRM using Client Script
Hello everyone! Welcome back to another exciting Kaizen post. In this post, let us see how you can you navigate to different Pages using Client Script. In this Kaizen post, Need to Navigate to different Pages Client Script ZDKs related to navigation A.Kaizen #210 - Answering your Questions | Event Management System using ZDK CLI
Hello Everyone, Welcome back to yet another post in the Kaizen Series! As you already may know, for the Kaizen #200 milestone, we asked for your feedback and many of you suggested topics for us to discuss. We have been writing on these topics over theKaizen #197: Frequently Asked Questions on GraphQL APIs
🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.Kaizen #198: Using Client Script for Custom Validation in Blueprint
Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
- Zoho サービスのWebセミナー
その他のサービス コンテンツ
Nederlandse Hulpbronnen
ご検討中の方
Recent Topics
Rendering PDF to view on page
My company upload lots of PDF files onto Zoho. But every time we open it, it downloads the file instead of viewing it on the web page. Does Zoho allow uploaded PDF files to be rendered to view on web page yet? I've been trying to use <embed> or <object> but it cannot be loaded. (similar thread: https://help.zoho.com/portal/community/topic/how-to-open-a-pdf-file-of-a-view-in-preview-mode)Dynamically Fetching Lookup Field Display Value
I have an audit trail form, Audit_Changes, that tracks old vs new values across different forms. For lookup fields, the old/new value is the ID, but I also need the display value. What's a best practice for dynamically fetching the display value of theWorkdrive and ChatGPT Team Synced Connectors
Hi, we want to be able to integrate Zoho Workdrive with OpenAI’s ChatGPT Team plan. Google Drive and OneDrive both offer this, zoho please catch up asap. We dont want to have to put our company files in google drive, we want to allow chatgpt Team editionAbility to Create New Items When Zoho Trident is Minimized via tray or taskbar icon
Allow users to create new items (emails, calendar events, tasks, etc.) directly from the system tray icon or by right clicking the task bar icon, even when the window is minimized or not actively running in the foreground. This enables quick access toBug Report and Suggestions for Improvement in Zoho Applications
Hi Zoho Team, I’d like to report a few bugs and improvement suggestions I’ve noticed while using Zoho products: Zoho Cliq Video Call: The camera sometimes turns off automatically during video calls. This seems to be a bug — please check and fix it. ZohoI can not see Undeliverable emails from my Mass Email Leads activity in CRM
I am sending email templates and I can not see the Undeliverables? I only receive the "Out of Office" replies and any manual replies from the lead. Can you please let me know where the Undeliverable emails are sent so I can use the information to clean up the database?Select Zoho Contacts as Meeting Participants in Zoho Cliq
Hello Zoho Cliq Team, We hope you're doing well. We would like to request an enhancement to the meeting scheduling functionality in Zoho Cliq. Current Limitation: When scheduling a meeting in Zoho Cliq, participants can only be selected from: OrganizationAbility to Select External Users from Participants List When Scheduling Meetings
Hello Zoho Cliq Team, We hope you're doing well. We would like to request an enhancement to the meeting scheduling experience in Zoho Cliq. Current Limitation when scheduling a meeting in Zoho Cliq: External users can be selected from the list only underKaizen #212 - Map Dependency Fields in Zoho CRM using APIs
Hi Everyone!! Welcome back to another week of Kaizen series! Over the past few weeks, we have been addressing your questions and feedback shared through our Kaizen 200th feedback form. Thank you for your continued engagement and thoughtful queries. WeOutdated state in mexico
Hello Zoho team, the drop down to add the state for customers, when they introduce their state in mexico has a city named “Distrito Federal” that name changed many years ago to “ciudad de mexico”. could you please update this so my clients can find theIs anyone using Zoho Flow with airtable?
I need to build a flow that collects data from airtable and uses some of that data to create folders and files in google drive. I have fully function version of this in zapier and want to migrate to zoho. I am trying to perform a very basic fetch fromSOME FEATURES ARE NOT IN THE ZOHO SHEET IN COMPARISION TO ZOHO SHEET
TO ZOHO sir/maam with due to respect i want to say that i am using ZOHO tool which is spreadsheet i want to say that some features are not there in zoho sheet as comparison to MS EXCEL like advance filter and other Features which should be there in ZOHOAI in Zoho Workplace: A Sneak Peek into What’s Coming!
Hello everyone, We’re super excited to share something we’ve been working on and we want you to be part of it! You may have seen our announcement blog post introducing a major evolution in how AI works within Zoho Workplace. Want to be among the firstDisplay Client Name in Zoho Creator Client Portal Dashboard
Hello Zoho Creator Team, We hope you are doing well. Zoho Creator recently introduced the option to set a client’s display name in the Client Portal settings, which is very helpful for providing a personalized portal experience. However, there is currentlyMeet Canvas' Grid component: Your easiest way to build responsive record templates
Visual design can be exciting—until you're knee-deep in the details. Whether it's aligning text boxes to prevent overlaps, fixing negative space, or simply making sure the right data stands out, just ironing out inconsistencies takes a lot of moving parts.Best way to share/download presentation files in Zoho without losing formatting?
Hello Zoho Community, I often work with PPT/PDF files in Zoho Docs and share them with colleagues. While PDFs usually give a direct download option, I’ve noticed that PPT/PPTX files sometimes only open in the viewer without a clear download link. Is thereWorkflow Failure - Notifications
Good afternoon, I have just experienced an error whereby a Workflow failed, for a reason currently unknown. The problem is that one of my users had to flag this manually (thankfully he's very thorough) and this otherwise would have flown under the radar.Introducing Bin Locations In Zoho Inventory
Hello users, We are excited to let you know that your wait for the Bin Locations feature has now come to an end! Yes, you heard us right! We are here to introduce the much-awaited Bin Locations now in Zoho Inventory. But before we dive into the featureError "Invalid client task found corresponding properties" only when triggered from workflow ?
Hi All, I am facing an error message I never encountered previously: Error in executing On Add - On Load script Error in executing thisapp.get_all_projects_api_call function. Line:(2) Error in executing thisapp.getAccessTokenFromRefreshToken function.How to interpret Campaign report statistics - definitions/explanation
I am trying to make sure I understand the Campaign report correctly Do you have a list of definitions for: Delivered - it has reached the recipient's inbox Campaign reach - is this the number that have opened the campaign email? Unique Opens Clicks/OpenFeature request - pin or flag note
Hi, It would be great if you could either pin or flag one or more notes so that they remain visible when there are a bunch of notes and some get hidden in the list. Sometimes you are looking for a particular name that gets lost in a bunch of less importantSchedule a Call by Date and Time when a specific lead status is selected
Hi Wanting to create a workflow where a call can be scheduled by date & time when a specific lead status is selected. Can only currently set the date by Due Date - Trigger Date - Plus 'x' day(s) ThanksZoho CRM's Copy Customization functionality now works across DCs, for customized accounts, and more
Availability This feature is available in Standard, Professional, Enterprise, and Ultimate editions. These changes have been rolled out to all users in all DCs. For more information, please refer to these help documents: Overview | Instructions HelloHow can I bold text on Zoho Forms submit buttons?
In the old theme builder, I could bold the text on a form's submit button. With the new theme builder, I can only change the text of the header or fields in the form, and not the button itself.5名限定 課題解決型ワークショップイベント Zoho ワークアウト開催のお知らせ (10/31)
ユーザーの皆さま、こんにちは。Zoho ユーザーコミュニティチームの中野です。 10月開催のZoho ワークアウトについてお知らせします。 今回はZoomにて、オンライン開催します。 参加登録はこちら(無料):https://us02web.zoom.us/meeting/register/BGYTysOnSqa9LA9eY2IKww ━━━━━━━━━━━━━━━━━━━━━━━━ Zoho ワークアウトとは? Zoho ユーザー同士で交流しながら、サービスに関する疑問や不明点の解消を目的としたHiding Pre-defined Views
You can enhance Zoho with custom views - but you cannot hide the pre-defined views. Most users focus on 4 or 5 views. Right now for EVERY user EVERY time they want to move to one of their 4 or 5 views - they have to scroll down past a long list of pre-defined views - we don't use ANY of the pre-defined views. Adding the feature to allow a predefined view to be hidden completely or only visible to certain users would be a big improvement in usability for Zoho CRM. This feature is already availableRich-text fields in Zoho CRM
Hello everyone, We're thrilled to announce an important enhancement that will significantly enhance the readability and formatting capabilities of your information: rich text options for multi-line fields. With this update, you can now enjoy a more versatile[Integration Edition] Deluge Learning Series – Third-Party Integrations with Deluge | October 2025
We’re excited to continue this three-month edition of the Deluge Learning Series: Session 1 – Integrating Zoho Apps with Deluge Using Built-In Integration Tasks Session 2 – Integrating Zoho Apps with Deluge Using invokeURL and invokeAPI Session 3 – Third-PartyFeature Request: Tag, Search, and Report on Individual Private Comments
Zoho Desk Team, First, I want to say that we are extensive users of Zoho Desk and it is a core part of our support operations. We rely heavily on the private comments feature for internal communication, knowledge sharing, and maintaining a clear historyZoho CRM Community Digest - August 2025 | Part 2
Hello Everyone! Here's a quick round-up of handy tips, clever workarounds, and product updates from late August. Product Updates: Meeting Enhancements in Zoho CRM! Track whether a meeting is online, in-office, or at the client’s location using the newAssistance Needed: Ticket Status Not Updating and Sorting by Last Customer Reply in Zoho Desk
Hello, I’m facing two issues in Zoho Desk that I’d like your guidance on: Ticket Status Not Updating: When a customer replies to a ticket, the status does not change to Reopened. Instead, it remains in Waiting on Customer, even after the customer’s responseRound robin
Hi, I'm trying to set up a round robin to automatically distribute tickets between agents in my team but only those tickets that are not otherwise distributed by other workflows or direct assignments. Is that possible and if so which criteria should ITime Entry Notifications
Hi All - I have support staff who place notes of their work in the time entry section of Zoho Desk. Is there a specific workflow or setting I need to enable to have the ticket holder updated via email when an entry is saved?Change text in help desk
Hi, Please let me know how can i change the this text, see screenshot.Customer happiness customisation
Hi, I was wondering if it's possible to somehow customise to whom and when customer happiness request is sent? Can you enable it only for selected tickets for example based on workflow or any other criteria (customer name, tag or anything else)? AlsoSign in process is beyond stupid. I'd rather plug my phone into USB and copy files than sign in to this POS.
792 clicks and fields to fill in just to get into a 3rd rate app is too stupid for me.No Zoho Support Response in Months
I want to say that I love Zoho FSM, Books, and CRM, but the support is scary bad. About 2-3 months ago, I emailed Zoho FSM support with two specific issues I needed help with, and I have still not received one single response. I also submitted a supportHas anyone built a custom AI support agent inside Zoho (SalesIQ/Zobot)?
Hi all, I’ve been experimenting with building my own AI support assistant and wanted to see if anyone here has tackled something similar within Zoho. Right now, I’ve set up a Retrieval-Augmented Generation (RAG) pipeline outside of Zoho using FAISS. ItNull
If a result is null how do I make it so that a custom error pops up instead of the default error? Can someone write an example as if I were using the script builder?Format a "return" message
Good day, Is there a way to format the message of the "return" function in CRM deluge script?Next Page