In this article, you will learn about making the shift from Authtokens to Zoho OAuthtokens—a revamped version of the security token you currently use.
Direct API Calls
If you've created apps that make direct API calls to Zoho Desk, then moving your authtokens to Zoho OAuth can be done via a Migration API.
Choose the appropriate path based on the type of app you've created:
1. Migration for Web-based Applications: If your API application is used by multiple users, and user information is used to generate authtokens, follow the next few steps for a successful migration:
Migration API Sample Format
orgId of Zoho Desk portal>
Sample API Request
&authtoken=a99fxxxxxxxxxxx215&soid=ZohoSupport.1234567
Request Type
Post
Sample Response
{
"access_token": "1000.8cb99dxxxxxxxxxxxxx9be93.9b8xxxxxxxxxxxxxxxf",
"refresh_token": "1000.b8xxxxxxxxxxxxxxxx58f.538b3xxxxxxxxxxxxxxxxx114",
"expires_in_sec": 3600,
"token_type": "Bearer",
"expires_in": 3600000
}
Note
Upon receiving this API call, we will verify the details you provide with the pre-shared details. The API call will fail if there is a mismatch between the pre-shared details and the details mentioned in the API call, so please ensure that there are no discrepancies. The (old) authtokens you have requested to migrate, will be deleted after 24 hours.
|
To learn more about Web-based applications, you can refer to this page.
2. Migration for Self-Client Applications: In the event that you have full control over your authtokens (applicable to apps that perform backend functions within a firm), you can directly migrate your authtokens to Zoho OAuth without our support team's help. Follow the steps given below for a successful migration.
Migration API Sample Format
<OAuth Client secret>&grant_type=authtooauth&authtoken=<Authtoken to be migrated>&scope=<oauth scopes>&soid=ZohoSupport.<orgId of Zoho Desk portal>
Sample API Request
authtooauth&authtoken=feexxxxxxxxxxxxxxxxxxxf59e&scope=Desk.tickets.ALL&soid=ZohoSupport.123467
Request Type
Post
Sample Response
{
"access_token": "1000.03xxxxxxxxxxxxxxxxxa5317.dxxxxxxxxxxxxxxxxxfa",
"refresh_token": "1000.95xxxxxxxxxxxxxxxb0de.10bxxxxxxxxxxxxxxxxxx31b",
"expires_in_sec": 3600,
"token_type": "Bearer",
"expires_in": 3600000
}
Note
Upon receiving this API call, we will match the ID you register with on Zoho OAuth, with the account that the Authtokens belong to, to establish the correct ownership. The (old) authtokens you have requested to migrate, will be deleted after 24 hours.
|
To learn more about Self-Client applications, you can refer to this page.
Custom Functions
Changing the authtoken mechanism within your custom functions is easy with Connections, a type of wrapper that helps you migrate to Zoho OAuth with a few simple steps. Let us look at how to replace authtokens with connections in a sample custom function. It is a 3-step process that involves creating a connection, removing authtoken parameters, and adding connection parameters.
- Click the Setup icon ( ) in the top bar.
- Click Connections under the Developer Space menu.
You will land on the My Connections page, which will list the connections created by you.
- Click the Create Connection button in the top right corner of the page.
- On the Create Connection page, pick a service type.
- Enter the Connection Name and the Connection LinkName you intend to have.
- Select the Scope if required, depending on the application’s prerequisites.
- Click Create and Connect.
A summary page displaying the Link Name, Service Name, and Status of the Connection is shown.
Step 2: Removing authtoken parameter
- Remove the authtoken parameter (refer to image) in the existing function code.
Step 3: Adding connection parameter
- Add the "connection" parameter in the invokeurl method (refer to image) and then specify the Connection LinkName entered in Step 1 as its value.
- Click Save & Execute Script.
The custom function will now use connections instead of authtokens for authorization.
Connections
In some cases, connections may use authtokens as their authorization mechanism. We recommend migrating such connections to OAuth by following the steps mentioned below:
- Click the Setup icon ( ) in the top bar.
- Click Connections under the Developer Space menu.
The My Connections page will indicate the connections using deprecated authtokens with the message "Expiring Soon."
- Hover your mouse pointer over the connection, and then click Migrate To OAuth.
- On the Edit Connection page, select the necessary scopes (based on the API call)
Note: If you rename the connection, you must update the new name wherever the connection is used.
- Click Update.
This will migrate the authtoken based connection to Oauth.
Third Party Apps and Marketplace Apps
If you've developed an app that uses authtokens for the authentication process, then it's time to migrate to Zoho OAuth. If the app has been built on Zoho Marketplace, you can use Connections to replace the existing authtokens with the new ones. Please refer to this page to learn more about defining authentication details for a Zoho Marketplace app. Once you create a Connection, copy the JSON response from the Connection to the plugin-manifest.json file of your app.
If you've developed a third-party app, then you must migrate your existing authentication mechanism to Zoho OAuth. Using Connections as a mode of migration is limited to apps listed on the Zoho Marketplace.
If you are an app user, then please note that only app developers can make this shift. Once they do, you must update the app, followed by a round of reauthorization to ensure that the updated app will function as before, with all the right permissions.