Kaizen #116 - Client Types in Zoho API Console

Kaizen #116 - Client Types in Zoho API Console

Hello everyone!
Welcome back to another post in the Kaizen series!

This week, we will discuss different client types available in Zoho API Console, and when to use each.

When you register an app in Zoho API Console, you typically choose a client type based on how your application interacts with Zoho services.
Let us discuss the available client types and how authorization is handled for each.

Available client types

  1. Server-based
  2. Client-based
  3. Self client
  4. Non-browser-based
  5. Mobile-based

1. Server-based

If you have a web-based application that runs on a dedicated HTTP server and interacts with Zoho services by calling Zoho APIs via that server, you must register your app with this client type.
This client type is for applications that redirect the users to another URL on a web browser to authorize themselves, where they give consent to your application to use their data.
In other words, you must use this client type when you have a front-end web UI and require user intervention before your app can access user data via the dedicated server.

Consider that you are developing a web-based custom application. Users authorize that app via browser to allow their Zoho CRM data to be accessed and used by that application.
During the registration process in Zoho API Console, you would choose the "Web-based" client type.
OAuth 2.0 would be used for user authentication, allowing your app to securely access and interact with Zoho CRM data on behalf of the users.

Here is a gist of what happens:
  1. Users visit your website where you have the Login with Zoho button.
  2. When a user clicks it, that user will be redirected to accounts.zoho.com with the details of your app such as client ID, scope, redirect uri, access type as the URL parameters.
  3. Your app must make an API call to Zoho Accounts with the client ID, scope, redirect uri, and access type. Users are shown the data that your application wants to use.
  4. When users give their consent, Zoho redirects them back to your app.This will be the "Redirect URL" you give while registering your app.
  5. The redirect URL will have the authorization code(grant token) as one of the parameters, along with the location(user's domain).
  6. Your app must then make API calls from your web server to Zoho Accounts to generate access and refresh tokens with the generated grant token.
  7. You must store these tokens in your DB to access that user's data in Zoho CRM. While making API calls, you must send this access token in the header.
  8. Your app must also have the logic to regenerate access tokens from refresh tokens when the access token expires.
Note that your app must take care of storing user's details like email, organization ID, and tokens.

The following image shows the protocol flow.


You can use any of our server-side SDKs to simplify this process.
When you use our SDK, all you have to do is, generate the grant token and initialize the SDK with the client details and this token. The SDK takes care of access token generation, refreshing it, and token storage.


For more details, you can refer to the Accounts guide and CRM help doc.

2. Client-based applications

This client type is for applications that do not have a server and run exclusively on a web browser.
This is also called the Implicit flow as your app makes API calls to Zoho only when users are using your app.
This type of application loads data dynamically on the webpage, and accesses Zoho CRM data by making API calls via Javascript.

Consider the same example where there is a Login with Zoho button on your webpage.
Here is a gist of what happens when a user clicks it.
  1. Your app redirects the user to Zoho Accounts.
  2. Your app makes the authorization request with the client ID, redirect uri, scope, and response type as token.
  3. The user is shown the data that your webpage would use.
  4. When the user gives consent, Zoho Accounts sends the access token to the redirect uri as a parameter, along with the expiry time and the location of user's data in Zoho's accounts server.
  5. You can include the "email" in your scope parameter in the access token request to get user's information. The response will have a parameter called id_token that will be in the header.payload.signature format. You need to decrypt the payload section of the parameter using the base-64 decryption algorithm to get user information.
  6. Your app must then make API calls to Zoho with this access token to fetch data.
  7. When the access token expires, your app must take care of regeneration and storage.


As the API calls are made from your domain to a different domain(zohoapis.com), for security reasons, the browser will throw the CORS error. So, your domain will be registered while registering your app, and Zoho will know to allow the API calls made from that domain.

As the tokens are available on the browser itself, we recommend handling them with care.
When you use our client-side JS SDK, it automatically generates a new access token upon expiry.

3. Self Client Applications

When your application does not have a redirect URL or a UI, but performs only a backend job, and does not need user intervention, then you must choose this client type.

A self client is often used when the application and Zoho services are operated by the same entity, and you want to enable secure communication between them. For example, you have an internal reporting tool and integrate it with Zoho Analytics. In this case, both the tool and Zoho Analytics are operated by the same entity.
Similarly, consider that you have a legacy product management system and want to perform data sync between Zoho CRM and the system, then you must use the self client.

Here is a gist of what happens.
  1. You register your app as self client in Zoho API Console.
  2. You will get the client details such as ID and secret.
  3. You provide the scopes required for your app to access CRM data.
  4. You will receive the grant token.
  5. Your app must then make API calls to Zoho Accounts to generate access and refresh tokens.
  6. Your app can then use this access token to make API calls to Zoho CRM and use data.
You can refer to our older Kaizen post on this topic for more details.
Note that self client apps can also use any of our server-side SDKs. As already said, the SDK takes care of access and refresh token generation, refreshing the access token, and token storage.

4. Non-browser applications

This client type is for devices that do not have a user agent such a web browser. A TV, for instance.
Let us consider an example involving a smart TV application that integrates with Zoho ShowTime. In this scenario, the smart TV application acts as a non-browser client.
Here is how authentication is handled:
  1. You must register your smart TV app in Zoho API Console with the type "Non-browser application".
  2. Users install a dedicated Zoho ShowTime application on their smart TVs.
  3. When users launch the Zoho ShowTime application on their smart TV, they are prompted to authenticate with their Zoho ShowTime account.
  4. When they successfully authenticate, Zoho Accounts sends the grant token to your app, along with the user-code, device-code and verification URL,The user must go to this verification URL on a browser and enter the user-code to grant permission to the app.
  5. Meanwhile, your app must poll the accounts server using the grant token to check if the token has been received.
  6. When the user enters the user code, Zoho Accounts sends the access token to your app.
  7. Your app can then use the access token to make API calls to Zoho. Your app must take care of token storage and renewals.

Here is the protocol flow. For more details, refer to this doc.


5. Mobile-based applications

You must use this client type when you have developed an app exclusively for mobile devices. The protocol flow is similar to server-based application where a browser session is required for the users to authenticate.



Similar to server-side apps, mobile apps also need to handle redirection, token generation and storage.
If you use any of our Mobile SDKs, the SDK itself handles token generation and storage.

We hope you found this post useful. Let us know your thoughts in the Comment section or write to us at support@zohocrm.com.


Cheers!

    • Sticky Posts

    • Kaizen #198: Using Client Script for Custom Validation in Blueprint

      Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

    • Kaizen #226: Using ZRC in Client Script

      Hello everyone! Welcome to another week of Kaizen. In today's post, lets see what is ZRC (Zoho Request Client) and how we can use ZRC methods in Client Script to get inputs from a Salesperson and update the Lead status with a single button click. In this

    • Kaizen #222 - Client Script Support for Notes Related List

      Hello everyone! Welcome to another week of Kaizen. The final Kaizen post of the year 2025 is here! With the new Client Script support for the Notes Related List, you can validate, enrich, and manage notes across modules. In this post, we’ll explore how

    • Kaizen #217 - Actions APIs : Tasks

      Welcome to another week of Kaizen! In last week's post we discussed Email Notifications APIs which act as the link between your Workflow automations and you. We have discussed how Zylker Cloud Services uses Email Notifications API in their custom dashboard.

    • Kaizen #216 - Actions APIs : Email Notifications

      Welcome to another week of Kaizen! For the last three weeks, we have been discussing Zylker's workflows. We successfully updated a dormant workflow, built a new one from the ground up and more. But our work is not finished—these automated processes are

      • Recent Topics

      • A POS solution to complete the business solution for SME businesses

        For such a long time one aspect of SME business completely ignored has been a suitable POS solution native to Zoho and integrated with all the usual and necessary applications such as Inventory, Books, Commerce and CRM. The first and generally only option

      • Introducing SlyteUI : From Idea to a Working Interface in Minutes

        Hello everyone! Are you spending hours building basic UIs? Does even the smallest customization feel like a major task? CRM customization should feel intuitive and straightforward, not time consuming or exhausting. SlyteUI makes this possible by simplifying

      • Zoho Form not synching with Zoho CRM in CRM email template

        I have in the past successfully created an email template that has access to a Zoho Form in the url link to Forms in the email template. I am in the Contact Module of the CRM and I have created a Form for contacts and mapped the two. I am using the upsert

      • Using Zoho CRM to manage NBI Clearance applicants – need workflow advice

        Hi everyone, I’m currently helping manage applications related to NBI Clearance services (appointments, document tracking, and status updates). Right now, everything is being handled manually and it’s getting confusing when multiple applicants are involved.

      • Bulk upload images and specifications to products

        Hi, Many users have asked this over the years and I am also asking the same. Is there any way in which we can bulk upload product (variant) images and product specifications. The current way to upload/select image for every variant is too cumbersome.

      • Super Admin Logging in as another User

        How can a Super Admin login as another user. For example, I have a sales rep that is having issues with their Accounts and I want to view their Zoho Account with out having to do a GTM and sharing screens. Moderation Update (8th Aug 2025): We are working

      • Schedule Timeout 5 minutes vs. stated 15 minutes

        I am running into a function run timeout error after 5 minutes for my schedules. The Functions - Limits documents states it should be 15 minutes: Functions - Limits | Online Help - Zoho CRM. What should it actually be? Due to the 5 minute timeout, I'm

      • Coupon Codes and Cancelling Subscriptions

        We have two Zoho One organizations, one we use for dev/testing. In Zoho Billing when we cancel a subscription, we are getting two different behaviors with regards to coupons. In one environment, the coupon is removed upon cancellation. In the other, the

      • Zoho Books | Product updates | April 2026

        Hello users, Welcome to our April 2026 product updates roundup! Highlights include profit margin for sales transactions, insights in reports, recording deposits from undeposited funds in banking, and faster production workflows with improved assembly

      • Journal Entries Do Not Show Multiple Entries to the Same Account

        Another basic accounting function that Books ... Accountants sometimes write journal entries, debiting and/or crediting the same account in the same entry. This is due to the need to record specific activity in an account when we pull reports especially

      • Bulk Writer Export

        Pardon me if this has already been discussed (I can't find anything about it in these forums and my last attempt to start a thread seems to have failed). Is it possible to export more than one document at once? I would be really great to be able to burn OpenOffice.Org files of all my Zoho documents once a month to a CDR. If that feature is available/were created, this would be my main word processor. Without being able to do my own bulk backups I'm leery to count on Zoho's servers (which are robust

      • Sites API

        Is there a Sites API and if so where can we find documentation

      • Extracting phone number from variable

        Hi. I've created a flow between Calendly and Zoho CRM. So when someone schedules a meeting in Calendly, there is a lead created in Zoho CRM. However, I am not able to fill in the phone number field in Zoho CRM, because the phone number is included in

      • I can't fetch Calendly Fields

        Hello, I have set up a flow to connect Calendly with Zoho CRM, A few days ago I have mentioned that I should update the Calendly app connection and I have done, After Calendly has been updated I have some issues such as Event location missing I can map

      • Edit a previous reconciliation

        I realized that during my March bank reconciliation, I chose the wrong check to reconcile (they were for the same amount on the same date, I just chose the wrong check to reconcile). So now, the incorrect check is showing as un-reconciled. Is there any way I can edit a previous reconciliation (this is 7 months ago) so I can adjust the check that was reconciled? The amounts are exactly the same and it won't change my ending balance.

      • FSM- are we getting there

        We have now tried the FSM a couple of times. We have been defeated on the offline access. As you can imagine the enginner needs to know the customers details, the job and the equipment. This needs to be cache. Is it yet? Plus Our engineers do multiple

      • Canvas and calendar

        Is it possible to have a canvas view that shows say a contacts details with the meetings calendar on the same page?

      • What's new in Zoho Social - Q1 recap

        Hello everyone, We’ve rolled out a bunch of updates in Q1, and we’re excited to walk you through them. To help you explore these features in detail, we’re hosting a Q1 recap webinar where we’ll show you how to make the most of each update. Q1 recap webinar

      • Ignore Auto Sales Order number generation not working

        Hi, My Flow has broken and I'm no longer able to use the Ignore auto number generation function and instead use the field that came from the trigger (via Jotform) when creating a new Sales Order in Books. Any suggestions how to fix this?

      • Split Bills/Expsense between multiple projects and/or clients

        I need to be able to split vendor invoices/ expenses between multiple clients. Entering the bill multiple times is not only time consuming, it defeats the purpose of having a unquie identifity bill number and will allow for possible duplicated entry.  Below is an example from Quickbooks Desktop. Splitting costs over various projects is a common job costing function that I am very sad and surprised is not an option in Zoho Books. Unless I am missing it somewhere? Thanks for your help!

      • Vendor bills cannot be assigned to a customer or a customer project?

        I'm confused on how to handle outsourced contractor expenses on a customer project.  Between my business and the contractor, the invoice they send me fits obviously into Zoho Books as a Bill. However, I need to be able record those expenses to the client

      • Anyone using Books to track Project Profitability? If so, I could use some guidance

        Hello Zoho Community. I am a recent subscriber to Zoho, and its part of an ongoing evaluation.  My company (and my clients) have extensive project-tracking needs.  The Projects module seems to be good from a project management standpoint, but I am perplexed

      • Introducing parent-child ticketing in Zoho Desk [Early access]

        Hello Zoho Desk users! We have introduced the parent-child ticketing system to help customer service teams ensure efficient resolution of issues involving multiple, related tickets. You can now combine repetitive and interconnected tickets into parent-child

      • Problem in usage zoho

        Difficulty to submit the from in my training to handle ticket on your free trial

      • Automation Series: Assign Subsequent Task Owner on Completion

        When a project progresses, tasks get piled up over time. As new tasks are created, tracking ownership and assigning them can become time consuming. In a pharmaceutical manufacturing unit, the procurement phase involves a set of tasks such as raw material

      • In-House, Non-Billable Projects

        I use Zoho Projects solely for in-house projects with fixed cost budgets.  Only bills and expenses need to be charged against the budget.  There are no customers to be billed or invoices to be created. How can such a non-billable project be set up?   As

      • [Webinar] What's New in Zoho Analytics: Q1, 2026

        To all the data enthusiasts out there, we're back again with another power-packed webinar in the What's New series! This last quarter was marked by exciting new features and product updates focused on offering you top-notch solutions. With new data connectors,

      • Ask The Expert: Deep Dive into Zoho CRM, Desk, SalesIQ, and Campaigns!

        Are you using Zoho to power your sales, support, and marketing, and have questions about configuration, automation, or best practices? We have great news: the “Ask The Expert” session is coming to the Zoho Benelux Community! This session is specifically

      • Workflows being applied and the Large unwanted popup

        When a workflow is being applied do to an action, then the Agent is left with a large Window asking if they would like the see the changes this workflow did. Is there any way to disable this prompt from appearing?

      • Users I've shared the sheet with cannot use the Custom Functions

        Hi, I have a Zoho Sheet worksheet that I shared to 2 colleagues, giving them full access: In that worksheet, I created a button with a custom Deluge function and it works flawlessly for me: For those I shared the worksheet to, when they click the button,

      • Limiting the form - Zoho People

        Hi Team, I would like to limit the number of form/request submissions for employees within a given month. For example, if an employee has already submitted 3 requests in the current month, they should not be allowed to submit any further requests. An

      • Zoho Analytics: Clarification on Email Schedule Limits in Basic Plan

        Hi Team, I have a question regarding the email scheduling limits in the Zoho Analytics Basic Plan. The plan shows that I can create 4 email schedules. However, I understand that schedule consumption is calculated based on recipients (i.e., 1 schedule

      • Standardize your booking forms with Centralized Customer Form

        We’re excited to introduce Centralized Customer Form, a new way to manage and standardize how customer information is collected across your event types. With this feature, you can define a common set of booking form fields once and apply them across your

      • Zoho Creator In-App Notification

        Hi Team, I have implemented an in-app notification using code, as it required some customization. I followed the example in the link below: https://www.zoho.com/deluge/help/pushnotify-using-deluge.html#Example I have a couple of questions regarding this

      • Add Flexible Recurrence Options for Meeting Scheduling in Zoho Cliq (e.g., Every 2 Weeks)

        Hello Zoho Cliq Team, We hope you are doing well. Currently, when scheduling a meeting inside Zoho Cliq, the recurrence options are limited to Daily, Weekly, Monthly, and Yearly. There is no ability to set a meeting to occur every X weeks — for example,

      • Announcing Zoho Sheet desktop app for macOS and Windows (Beta)

        Hello Sheet users, We know you’ve been waiting for this one. It has always been the top priority on our roadmap to provide a single native desktop app for macOS and Windows that works both online and offline. Today, we are excited to announce that the

      • In App Auto Refresh/Update Features

        Hi,    I am trying to use Zoho Creator for Restaurant management. While using the android apps, I reliased the apps would not auto refresh if there is new entries i.e new kitchen order ticket (KOT) from other users.   The apps does received notification but would not auto refresh, users required to refresh the apps manually in order to see the new KOT in the apps.    I am wondering why this features is not implemented? Or is this feature being considered to be implemented in the future? With the

      • Unable to Log In to FSM Mobile App

        Hello FSM Team, We are encountering an issue when logging in to the FSM mobile app. When entering the user email, the system shows the error: “This account does not exist.” However, the same user is able to log in successfully via web (fsm.zoho.com).

      • Clarification on “Change Owner” vs Dispatcher Role in Work Orders

        Hi Mr. Abid, Good day! We would like to understand the purpose and correct usage of the “Change Owner” option in the Work Order module. As we noticed, there is an option to Change Owner in the Work Order. At the same time, there is also a separate field/role

      • New Income Tax Act 2025 and Rules 2026 for India (Effective 1 April 2026)

        Hello everyone, The Income Tax Act 2025 came into effect from 1 April 2026. This new law replaces the old Income Tax Act of 1961. Along with the new Act, the Income Tax Rules 2026 have also been released by the government. These updates bring practical

      • Next Page