Kaizen #2 - OAuth2.0 and Self Client #API

Kaizen #2 - OAuth2.0 and Self Client #API

Hi everyone!

Welcome back to another week of Kaizen! 

In this post, we will shed some light on the OAuth2.0 protocol and how you can use Zoho's Self Client option to authenticate your application and generate the tokens.

What is OAuth2.0?
OAuth 2.0 is an industry standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.

Why should we use OAuth2.0?
  • Clients are not required to support password authentication or store user credentials.
  • Clients gain delegated access, i.e., access only to resources authenticated by the user.
  • Users can revoke client's delegated access anytime.
  • OAuth access tokens expire after a set time. If the client faces a security breach, user data will be compromised only until the access token is valid.

To use the Zoho CRM APIs, you must authenticate the application to make API calls on your behalf with an access token.

The access token, in return, must be obtained from a grant token (authorization code).

Zoho CRM APIs use the authorization code grant type to provide access to protected resources.
In this type,
  1. The web application redirects the user to the OAuth server.
  2. The user sees the authorization prompt and approves the app's request as shown in the below image.

  3. The user is redirected back to the application with an authorization code in the query string.

  4. The application exchanges the authorization code for an access token.
As you can see, this involves user intervention while authorizing your application.

When should you use Self Client?

If your application is a stand-alone application that performs only back-end jobs like data-sync(without any manual intervention), you cannot use this authorization code flow. 

In the below example image, the data sync happens between Zoho CRM and your legacy Product Management system. So, it is perfect to use the Self Client option as it does not need an UI for this type of application. Using this flow, you can generate the grant token, access, and refresh tokens.


How to use Self Client?
1. Go to Zoho Developer Console and log in with your Zoho CRM username and password.

2. Choose Self Client from the list of client types.


3. Click Create on the Create New Client page and click OK in the pop up to enable a self client for your account.

4. Now, your client ID and secret is displayed under the Client Secret tab.


5. Click the Generate Code tab to generate the Grant token.
The grant token is a temporary token generated by the authorization server (Zoho CRM, here) to generate access and refresh tokens.
Before generating the grant token, you must decide the scope you need. Scope decide the level of access a client can have to a resource.
Refer to our list of scopes, for more details.

a. Click the Generate Code tab and enter the required scope separated by commas.
b. Select the Time Duration for which the grant token is valid. Please note that after this time, the grant token expires.
c. Enter a description and click Generate.
d. The generated code for the specified scope is displayed. Copy the grant token.
e. Please note that generating grant token is a one-time process, provided you generate the access and refresh tokens within the time the grant token is valid for.

6. Generate the Access and Refresh tokens using Postman or any REST client.
a. Open Postman.
b. Make a POST request with the following URL.
"{{accounts-domain}}/oauth/v2/token"
{{accounts-domain}} is the domain-specific URL in which you registered your client.
c. Pass the below keys and their values in the body of the request.



d. Hit Send. The access and refresh tokens are displayed in the response.

 e. The access token is valid for an hour from generation. 
 f. The refresh token does not expire. You can use this to refresh your access token when they expire.

Quick tip: Enter all the required keys and values in Postman before you generate the token. This way, you will only have to paste the grant token after its generation, thereby reducing the risk of its expiration before you generate the tokens.

7. Store the access and refresh tokens and use the access token when you make API calls.

​8. Write a script that will call the below token refresh URL before the time the access token expires.
"{{accounts-domain}}/oauth/v2/token?client_id={{client_id}}&client_secret={[client_secret}}&refresh_token={{generated_refresh_token}}&grant_type=refresh_token"


Other useful links:
Bulk Read API to export data in bulk from CRM
Bulk Write API to import data from a database to CRM

We will meet you next week with another exciting topic!


Cheers!






    • Sticky Posts

    • Kaizen #198: Using Client Script for Custom Validation in Blueprint

      Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

    • Kaizen #226: Using ZRC in Client Script

      Hello everyone! Welcome to another week of Kaizen. In today's post, lets see what is ZRC (Zoho Request Client) and how we can use ZRC methods in Client Script to get inputs from a Salesperson and update the Lead status with a single button click. In this

    • Kaizen #222 - Client Script Support for Notes Related List

      Hello everyone! Welcome to another week of Kaizen. The final Kaizen post of the year 2025 is here! With the new Client Script support for the Notes Related List, you can validate, enrich, and manage notes across modules. In this post, we’ll explore how

    • Kaizen #217 - Actions APIs : Tasks

      Welcome to another week of Kaizen! In last week's post we discussed Email Notifications APIs which act as the link between your Workflow automations and you. We have discussed how Zylker Cloud Services uses Email Notifications API in their custom dashboard.

    • Kaizen #216 - Actions APIs : Email Notifications

      Welcome to another week of Kaizen! For the last three weeks, we have been discussing Zylker's workflows. We successfully updated a dormant workflow, built a new one from the ground up and more. But our work is not finished—these automated processes are

      • Recent Topics

      • Zoho Books - Breaking A Working App

        We've been using Zoho for many years now. Across all apps, entering phone numbers in standard formats was enabled in all apps. These formats are: xxx.yyy.zzzz xxx-yyy-zzzz (xxx) yyy-zzzz and we were able also to add extension numbers in these formats:

      • Build data protection into your support

        At Zoho, privacy is our principle. Every Zoho product is built with privacy as the foundation and the finishing touch, guiding every decision we make. Security, privacy, and compliance are woven into the software development lifecycle, starting from how

      • Conditional formatting: before/after "today" not available

        When setting conditional formatting, it only allows me to set a specific calendar date when choosing "Before" or "After" conditions. Typing "today" returns the error "Value must be of type date". Is there a workaround? Thanks for any help!

      • Display Client Name in Zoho Creator Client Portal Dashboard

        Hello Zoho Creator Team, We hope you are doing well. Zoho Creator recently introduced the option to set a client’s display name in the Client Portal settings, which is very helpful for providing a personalized portal experience. However, there is currently

      • Customizable UI components in pages | Theme builder

        Anyone know when these roadmap items are scheduled for release? They were originally scheduled for Q4 2025. https://www.zoho.com/creator/product-roadmap.html

      • Amazon.in FBA multiple warehouse integration with Zoho Inventory

        My organisation subscribed to Zoho One looking at the opportunity to integrate Amazon.in with Inventory. But during the configuration, we understood the integration has severe limitations when it involves multiple warehouses in the same Organisation.

      • Feature Request - Set Default Values for Meetings

        Hi Zoho CRM Team, It would be very useful if we could set default values for meeting parameters. For example, if you always wanted Reminder 1 Day before. Currently you need to remember to choose it for every meeting. Also being able to use merge tags

      • Ability for admin to access or make changes in zoho form without asking for ownership

        Currently in zoho form only form owner can make the changes in the form and if someone else has to make changes then we have to transfer the ownership to them and even admin also cant access it . So i think admin must have the ability or option to access

      • Issue with WhatsApp Template Approval and Marketing Message Limit in Zoho Bigin

        We are facing issues while creating and using WhatsApp message templates through Zoho Bigin, and we request your clarification and support regarding the same. 1. Utility Template Approval Issue Until December, we were able to create WhatsApp templates

      • Zoho CRM Calendar View

        Hello Zoho team, We need desperately a calendar view next to list, kandan and other views. I think it should be easy to implement as you already have the logic from Projects and also from Kanban View in CRM. In calendar view when we set it up - we choose

      • Camera

        I can sign on to a meeting and see the other participants, but my screen is dark. The instructions for Zoho "Camera Settings" say "click on lock icon in address bar," but I don't see that icon! Suggestions?

      • What is Workqueue and how to hide it?

        Hi, My CRM suddenly have this "Workqueue", may I ask how to set the permission of this tab?

      • Batch/lot # and Storage bin location

        Hi I want to ask for a feature on Zoho inventory I own a warehouse and I've gone through different management software solutions with no luck until I found Zoho, it has been a game changer for my business with up to the minute information, I'm extremely happy with it. It's almost perfect. And I say Almost because the only thing missing for me (and I'm sure I'm not alone) is the need of being able to identify the lot number of my inventory and where it is located in the warehouse. Due to the nature

      • Adding Sender Address with Basic Plan

        According to the knowledge base, I should be able to add Sender addresses with the Basic Plan. But whenever I try to add an email, it takes me to a search window and I cannot find any emails in the list. Even mine, which is the admin. email.

      • Conditional Field Visibility in Bigin CRM

        I would like to request support for conditional field visibility within Bigin CRM. This feature should allow administrators to configure show/hide rules for fields based on predefined criteria (e.g., field values, picklist selections, stage changes,

      • Bill automation in Zoho Books

        Hi I am looking for 3rd-party options for bill automation in zoho which are economical and preferably have accurate scanning. What options do I have? Zoho's native scanning is a bit pricey

      • Reporting Tags

        We've been using reporting tags for years (before itemizing was available) and now we are finding reporting these tags are impossible to track. Reports have changed in the customization and our columns of reporting tags no longer show up. We do not use

      • Consumption based inventory

        I am currently using Zoho Books for my hospitality business, which includes lodging and restaurant services. We purchase many items in bulk for storage and consumption as needed. I'd like these items to be recorded as inventory when purchased and categorized

      • Smarter Access Control: Role-Based Access vs. Responsibility-Based Profiles

        Every business has roles, responsibilities, and workflows. While roles help define structure, responsibilities within those roles are rarely the same. As your team grows, some members need access to only a specific set of features. Others require visibility

      • Partner with HDFC And Sbi Bank.

        Hdfc and sbi both are very popular bank if zoho books become partner with this banks then many of the zoho books users will benefit premium features of partnered banks.

      • API in E-Invoice/GST portal

        Hi, Do I have to change the api in gst/e-invoice portal as I use zoho e books for my e-invoicing. If yes, please confirm the process.

      • Member role in zoho meeting

        does a user with member role can see other users in the organization

      • How to post more than 4 Images on Instagram?

        Hi I read several articles to the topic od how to post more than 4 images on instagram, but i can't figure out how it works. I can't find the content editor and i installesd the z share extension for google chrome. Could someone please help me? Than

      • Clone Recurring Expenses

        Our bookkeeping practices make extensive use of the "clone" feature for bills, expenses, invoices, etc. This cuts down significantly on both the amount of typing that needs to be done manually and, more importantly, the mental overhead of choosing the

      • Zoho Books - How to Invoke a Custom Function in Schedulers

        We have multiple schedulers that send emails to customers in batches. Currently, we are maintaining the same code across several schedulers. Is it possible to use a custom function inside a scheduler script? If yes, how can we invoke the custom function

      • Special characters (like â, â, æ) breaking when input in a field (encoding issue)

        Hey everyone, We are currently dealing with a probably encoding issue when we populate a field (mostly but not exclusively, 'Last Name' for Leads and Contracts). If the user manually inputs special characters (like ä, â, á etc.) from Scandinavian languages,

      • Set Custom Icon for Custom Modules in new Zoho CRM UI

      • Notes badge as a quick action in the list view

        Hello all, We are introducing the Notes badge in the list view of all modules as a quick action you can perform for each record, in addition to the existing Activity badge. With this enhancement, users will have quick visibility into the notes associated

      • Is Zoho Live Chat compatible with WordPress CMS?

        Hello, I have a website called www.jjrlab.com and I'm interested in using Zoho Chat on it. Does it support WordPress CMS? Thanks.

      • Introducing spam detection for webforms: An additional layer of protection to keep your Zoho CRM clean and secure

        Greetings all, One of the most highly anticipated feature launches—Spam Detection in webforms—has finally arrived! Webforms are a vital tool for record generation, but they're also vulnerable to submissions from unauthenticated or malicious sources, which

      • Bring your CRM and Desk app inside SalesIQ with widgets

        Have you ever been confused and frustrated with multiple open tabs and switching back and forth from SalesIQ to other apps to perform your business-specific operations? How effective would it be to have all the required tools and data of the apps you

      • Speak Your Customers' Language: SalesIQ's chatbots now support 30 languages 🤖

        We're unveiling some major upgrades to our chatbot that are set to revolutionize your experience! Now SalesIQ support 30 languages for both Zobot and Answer bot. By speaking your customers' language, you can enhance engagement, improve customer satisfaction,

      • Repeat Column merge in ZOHO writer columns doesn't allow to set max columns per row

        I'm using ZOHO writer to merge data from a ZOHO CRM subform and I want it to make a table. We're using Insert Table for Column Repeat, because this is what we need. (Name of column (Teamname) and underneath that a list of names of teammembers). It works

      • Persisting email signals to contact timeline?

        Hello there. Regarding the email signals that are logged when a contact opens an email, am I correct that these signals are not logged to a contact's timeline? Ideally, I would like to have this context available for future follow-ups, if the contact

      • Trouble with using Apostrophe in Name of Customers and Vendors

        We have had an ongoing issue with how the system recognizes an apostrophe in the name of customers and vendors. The search will not return any results for a name that includes the mark; ie one of our vendors names is "L'Heritage" and when entering the

      • Really want the field "Company" in the activities module!

        Hi team! Something we are really missing is able to see the field Company when working in the activities module. We have a lot of tasks and need to see what company it's related to. It's really annoying to not be able to see it.🙈 Thx!

      • Upcoming update to Google Drive integration in Zoho Creator

        Hello everyone, We're writing to inform you about an upcoming update to how Zoho Creator integrates with Google Drive. In Zoho Creator, during actions like importing files to create an app or attaching files to fields, you can choose files directly from

      • Managing Scheduled Replies

        Communication is most effective when the intended message reaches the right person at the right time. However, this can be challenging when communication occurs across different time zones. By scheduling replies, businesses can ensure that responses reach

      • Show price book list price

        When using price books, once you add products to the price book in the Products related list you can display the Unit price which is the default list price; however, there is no option to show the price book list price. To see the price book list price

      • Allow Attaching Quartz Recordings to Existing Zoho Support Tickets

        Hi Zoho Team, We would like to request an enhancement to how Zoho Quartz recordings integrate with Zoho Support tickets. Current Behavior: At the moment, each Quartz recording automatically creates a new support ticket. However, in many real-world scenarios:

      • Next Page