Connections in Webhook Block
When you’re working with webhooks in a bot flow, whether you’re retrieving data, updating a record, or triggering a third-party service, you often need to establish a secure connection with an external application. That’s where Connections come into play.
Connections act as a secure bridge between your bot and the service you’re calling. Let’s explore what Connections are, why you need them, how to set one up, and where they fit into the larger webhook configuration.
What is a Connection?
A Connection is a secure authentication setup that allows your webhook to interact with another service, like Zoho Desk, CRM, Google Sheets, or a custom API (Check this case), without you having to enter your credentials every time.
When you configure a webhook block, instead of hard coding sensitive details like access tokens or API keys directly into the request, you can simply link to a Connection. This makes your setup safer and easier to manage.
You can create Connections for:
- Zoho’s own services (using Zoho OAuth)
- Third-party applications like Slack, Google (Built-in)
- Stripe and others (as custom Connections)
- Internal or custom APIs used by your organization
Why are Connections important?
Here’s why using a Connection is strongly recommended (and often mandatory):
- Keeps sensitive data like tokens, secrets, and API keys hidden and encrypted.
- Reuse the same Connection across multiple flows or webhook blocks. No need to configure authentication every time.
- If your API token or scope changes, you only need to update it in one place.
- When multiple users build bots or flows, everyone can use the same Connection without needing access to sensitive credentials.
Where are Connections used?
Every time your bot wants to:
- Fetch a ticket from the Zoho Desk
- Push a new lead into your CRM
- Query order status from an external API
… a secure handshake must happen between your bot and the target service. That handshake, whether through OAuth, API key, or another method, is what the Connection handles for you.
This is especially crucial for protected endpoints that require authentication. Without a valid Connection, the API will deny your request.
Types of authentication you can use
Authentication
Authentication
When creating a Connection, the authentication method depends on the service you’re connecting to:
| Service Type | Authentication Method | Example Use Case |
| Zoho Services | Zoho OAuth | Fetching tickets from Zoho Desk |
| Third-party APIs | OAuth 2.0 | Posting updates to Slack or Google Sheets |
| Custom APIs | API Key / Basic Auth | Accessing internal databases |
For Zoho services, Zoho OAuth is the default and most secure method.
How to create a connection
Let’s say you want to get ticket details from Zoho Desk using the Webhook block. Here’s how to set up a Connection:
Set Up Connections
1. Go to the Webhook Block
2. In your bot builder, add a webhook block where the action will take place.
3. Click Add in the Connections section.
4. You’ll be redirected to the Data Retrieval Engine (DRE).
5. Click Create Connection
6. Choose your service. For Zoho apps, select Zoho OAuth.
7. Enter a Connection Name. Make sure it's something easy to identify, like “ZohoDesk_TicketReader.”
8. The system will auto-generate a Link Name based on your input.
9. Select Scopes.
10. Scopes define what your bot is allowed to do. (For example: ZohoDesk.tickets.READ, allows your bot to read ticket information. ZohoCRM.modules.ALL, allows access to all CRM modules.)
11. Click Create and Connect once you're done.
12. Complete Authorization
13. A pop-up will ask you to authorize access: Click Connect
14. When prompted, click Accept to grant the bot permission to perform actions via the API
15. Once accepted, your Connection will be established.
16. Return to Webhook Block.
17. Click Refresh next to the Connection dropdown to see your new Connection listed.
18. Select it and hit Save.
You’re now ready to authenticate securely using this Connection.
Example Use Case
Example Use Case
Imagine your support bot needs to fetch ticket details from Zoho Desk based on a user’s input. Instead of adding a raw token to your webhook
URL like this:
https://desk.zoho.com/api/v1/tickets?ticketNumber=12345
You simply configure the URL, add query params as needed (e.g., ticketNumber = @input.ticketNumber), and choose your pre-configured “ZohoDesk_TicketReader” Connection.
Zoho will authenticate the request using the OAuth token in your Connection. No need to expose or manage tokens manually!
Learn more about Desk Connections
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Multipath in Webhook Block
Not every API call ends the same way. When your chatbot interacts with external systems using a Webhook block, you often expect different types of responses. Some API calls are successful, like when the system finds a customer’s data, while others ...URL Field in Webhook Block
Where it knows to go! You’ll need to enter the exact REST API endpoint of the third-party app you want to interact with in the URL field; whether you’re sending data, fetching it, updating something, or deleting it. Think of this field as the ...FAQs: Creating Guided Conversations Flow
What is the difference between Response Blocks and Action Blocks? Response Blocks and Action Blocks are the two fundamental categories of blocks in the GC flow builder. All the blocks are grouped under Response Blocks and Action Blocks. The former is ...Response in Webhook Block
Once your webhook sends a request to an external API, it often receives a response. This is where the Response List in the webhook block becomes incredibly useful. It lets you capture and use the data that comes back from the API, right inside your ...Request Timeout in Webhook Block
When your chatbot connects to an external service, it uses a webhook block to send a request to that service’s API. Now imagine the service takes too long to respond. What should your chatbot do? Wait forever? Give up too early? That’s exactly what ...
New to Zoho LandingPage?
Zoho LandingPage Resources