Zoho Recruit API and Google Sheets OAuth2 process

Zoho Recruit API and Google Sheets OAuth2 process

Hello fellow ZR API user,

I need to use Zoho Recruit API together with Google (because our team is operating within Google Sheets already).

I use this library to support OAuth2 for Zoho in Google Sheets: 
(looks amazing and seems to work well for others)

Interesting:
* Works really well for the Zoho CRM API for me
* Does not work for Zoho Recruit API for me (always get a 400 error)

My questions:
* Do I use wrong scope or code? Does anything stand out?
* Are there other / better libraries / code I can use?

Thank you!

Before this suggestion comes up:
I contacted Zoho Recruit Support 2 weeks ago with multiple follow-ups without any answer.
This is why I am turning to the community (I would have hoped for Zoho to help me out here)

----
Google App Script Code

/**
 * This sample demonstrates how to connect to the Zoho CRM API.
 */

var CLIENT_ID = '1000.xxxxxxxxxxxxxxxxxxxx';
var CLIENT_SECRET = 'xxxxxxxxxxxxxx';

function writeToSheet(content) {
  var sheet = SpreadsheetApp.getActiveSpreadsheet().getActiveSheet();
  sheet.appendRow([content]); // Write the entire content to the first cell of a new row
}
function saveToDrive(content) {
  var fileName = 'API Error Response ' + new Date().toISOString();
  DriveApp.createFile(fileName, content, MimeType.PLAIN_TEXT);
}

/**
 * Authorizes and makes a request to the Zoho CRM API.
 */
function run() {
  var service = getService_();
  if (service.hasAccess()) {
    // Retrieve the API server from the token.
    var apiServer = service.getToken().api_domain;
    // var url = apiServer + '/crm/v2/org';  // I leave them in here for troubleshooting
    var url = apiServer + '/recruit/v2/org';
    var response = UrlFetchApp.fetch(url, {
      method: 'get',
      headers: {
        'Authorization': 'Bearer ' + service.getAccessToken(),
        'Content-Type': 'application/json'
      },
      muteHttpExceptions: true
    });
    
    // writeToSheet(response.getContentText());
    // saveToDrive(response.getContentText());
    
    // Log the status code and headers to understand the response better
    Logger.log(response.getResponseCode());
    Logger.log(response.getHeaders());

    // Log the raw content of the response
    Logger.log(response.getContentText());
    
    
    // Attempt to parse the response as JSON, with error handling
    var result;
    try {
      result = JSON.parse(response.getContentText());
    } catch (e) {
      Logger.log('Failed to parse response as JSON:');
      Logger.log(response.getContentText());
      return; // Exit the function or handle the error as needed
    }

    

    // Proceed with processing the result if it's successfully parsed
    // Logger.log(JSON.stringify(result, null, 2));

  } else {
    var authorizationUrl = service.getAuthorizationUrl();
    Logger.log('Open the following URL and re-run the script: %s',
        authorizationUrl);
  }
}

/**
 * Reset the authorization state, so that it can be re-tested.
 */
function reset() {
  getService_().reset();
}

/**
 * Configures the service.
 * @param {string} optAccountServer The account server to use when requesting
 *     tokens.
 */
function getService_(optAccountServer) {
  var service = OAuth2.createService('Zoho')
      // Set the authorization base URL.
      .setAuthorizationBaseUrl('https://accounts.zoho.eu/oauth/v2/auth')

      // Set the client ID and secret.
      .setClientId(CLIENT_ID)
      .setClientSecret(CLIENT_SECRET)

      // Set scopes. See
      // I leave the scopes in here for troubleshooting
      //.setScope('ZohoRecruit.modules.READ')
      //.setScope('ZohoRECRUIT.modules.all')
      //.setScope('ZohoRECRUIT.org.all')
      .setScope('ZohoRecruit.org.all')
      //.setScope('ZohoCRM.org.all')    

      // Set the name of the callback function that should be invoked to
      // complete the OAuth flow.
      .setCallbackFunction('authCallback')

      // Set the access type to "offline" to get a refresh token.
      .setParam('access_type', 'offline')
      // Set prompt to "consent" to ensure a refresh token is retrieved.
      .setParam('prompt', 'consent')

      // Set the property store where authorized tokens should be persisted.
      .setPropertyStore(PropertiesService.getUserProperties())
      .setCache(CacheService.getUserCache());

      var token = service.getToken();
      Logger.log(token); // This will show you the structure of the token object


  // Set the token URL using the account server passed in or previously stored.
  var accountServer = optAccountServer ||
      service.getStorage().getValue('account-server');
  if (accountServer) {
    service.setTokenUrl(accountServer + '/oauth/v2/token');
  }
  return service;
}

/**
 * Handles the OAuth callback.
 */
function authCallback(request) {
  var accountServer = request.parameter['accounts-server'];
  var service = getService_(accountServer);
  var authorized = service.handleCallback(request);
  if (authorized) {
    // Save the account server in the service's storage.
    service.getStorage().setValue('account-server', accountServer);
    return HtmlService.createHtmlOutput('Success!');
  } else {
    return HtmlService.createHtmlOutput('Denied.');
  }
}

/**
 * Logs the redict URI to register.
 */
function logRedirectUri() {
  Logger.log(OAuth2.getRedirectUri());
}

----

Error log from Google App Script log:


2:03:46 PM Notice Execution started
2:03:46 PM Info {expiresAt=1.708956218E9, expires_in=3600.0, scope=ZohoRecruit.org.all, access_token=1000.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, api_domain=https://www.zohoapis.eu, token_type=Bearer, refresh_token=1000.xxxxxxxxxxxxxxxxxxxxxx}
2:03:47 PM Info 400.0
2:03:47 PM Info {X-Content-Type-Options=nosniff, Date=Mon, 26 Feb 2024 13:03:46 GMT, Vary=accept-encoding, Server=ZGS, Content-Language=en-US, Content-Type=text/html;charset=UTF-8, Referrer-Policy=strict-origin, Content-Encoding=gzip, Connection=keep-alive, Transfer-Encoding=chunked, X-XSS-Protection=1, Set-Cookie=JSESSIONID=9CA8ABA2234F11A3F94B5AA4D7AC8CC0; Path=/; Secure; HttpOnly, Content-Security-Policy-Report-Only=script-src  'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.zoho.com https://*.zoho.in https://*.zoho.com.au https://*.zoho.com.cn https://*.zoho.eu https://*.zohocdn.com https://*.stratuscdn.com  https://*.zohocdn.com.cn  https://*.zappsusercontent.com https://*.zappsusercontent.sa https://*.zappsusercontent.ca https://*.zappsusercontent.jp https://*.zappsusercontent.eu https://*.zappsusercontent.in https://*.zappsusercontent.com.au https://*.zappsusercontent.com.cn https://*.localzappscontents.com https://*.zohostatic.eu https://*.zohostatic.jp  https://js.skydeskstatic.jp https://*.zoho.eu https://media.twiliocdn.com/sdk/js/client/releases/1.7.7/twilio.min.js https://media.twiliocdn.com/sdk/js/client/v1.7/twilio.min.js https://cdn.pagesense.io https://s.ytimg.com/yts/jsbin/ https://ssl.google-analytics.com/ga.js https://www.youtube.com/iframe_api https://dyjgaef5vuq51.cloudfront.net https://dtzpfzv31buvf.cloudfront.net https://d22czkv2r5ogmg.cloudfront.net https://d12h6dzwzn4m10.cloudfront.net https://d17nz991552y2g.cloudfront.net  chrome-extension://*  https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/  https://cdn.pagesense.io https://zohotagmanager.cdn.pagesense.io https://www.zohowebstatic.com/ https://scripts.zohospotlight.com https://widgets.zohosalesiq.com https://js.stripe.com https://connect.facebook.net; report-uri https://logsapi.zoho.com/csplog?service=crm, X-Frame-Options=SAMEORIGIN}
2:03:47 PM Info Logging output too large. Truncating output. <html><head><title>Zoho CRM - Error</title><link rel="SHORTCUT ICON" href="https&#x3a;&#x2f;&#x2f;static.zohocdn.com&#x2f;crm&#x2f;images&#x2f;favicon_cbfca4856ba4bfb37be615b152f95251_.ico" /><link href="https://static.zohocdn.com/crm/CRMClient/css/default_theme_b61f5f53b945c996ec11acc6fc077962_.css" rel="stylesheet" type="text/css"/><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta http-equiv="Pragma" content="no-cache"><style>
/******new error page style******/

I always get a generic Zoho error landing page which does not explain the error.