How to automate OAuth token generation without browser intervention?
Case 1
When you develop applications to source your own information, you won't have any proper redirection URLs. In that case, you can use Self Clients to get an authorization grant code. This one-time code can exchanged for an access token and a refresh token by making POST request to /oauth/v2/token.
Case 2
When you develop a web-server based application,
- You have to generate grant code using /oauth/v2/auth API.
- In /oauth/v2/auth by default, access_type will be online. Changing the parameter as access_type=offline will give refresh token along with the access token as a response for /oauth/v2/token.
- Save the created refresh token in your side. You can generate access tokens using refresh tokens
- Once the access token expires you can regenerate them using refresh tokens automatically.
If you have deleted the refresh token, include access_type=offline in your authorization request. Adding prompt=consent along with access_type parameter prompts the OAuth page every time when your app tries to access user details.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Forms?
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
Zoho SalesIQ Resources
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Zoho DataPrep Resources
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Bigin?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
Related Articles
What to do when error occurred during access token generation?
The endpoint /oauth/v2/token supports only POST request. Request you hit directly from the browser is a GET request. Since token generation requests contain sensitive information like client secret and refresh tokens, GET request is not allowed. ...Asked to sign in to my account every time I quit my browser
What happened? If you sign in to your Zoho account once and mark your browser as the trusted browser, we won't ask you to sign in to your account for the next 30 days, even if you quit the browser. However, based on your browser settings or ...What is OAuth token and why should I migrate from Authtokens to it?
OAuth tokens are an industry standard protocol that are replacing old and obsolete authtokens. Unlike OAuth tokens which expire in one hour, authtokens will never expire unless you manually revoke them in your Zoho Accounts dashboard leading to many ...Why am I being asked for a verification code even after using my trusted browser?
Trusted browsers rely on information stored in the browser cookies. Your browser may be clearing cookies after you sign out of a session. Follow the steps given below to ensure you are not asked for a verification code even after using your trusted ...How to regenerate access token automatically?
You can regenerate access tokens automatically without prompting OAuth pages. The user has to grant access for the entire session to regenerate access tokens automatically. Learn more about how to generate access tokens without user consent in our ...