Kaizen 200 - OAuth and Token Management using Zoho CRM Python SDK

We’re incredibly excited to bring you the 200th post in our Kaizen series!

This journey has been as much about listening as it has been about sharing. And today, we’re making both count. Over the past few weeks, we’ve collected your feedback through the Kaizen feedback form added in our earlier posts. Thank you for the time and thought you’ve put into it.

Starting today, we’ll be actively addressing your most requested topics. 

Overview – OAuth 2.0 and Zoho CRM SDKs

In this Kaizen, we’ll walk you through how OAuth 2.0 authentication is handled using the Zoho CRM Python SDK, and how the SDK simplifies token refresh, storage, and management for multiple users and organizations across multiple data centers.

Introduction:

OAuth2.0 Recap:



Token Management using Zoho CRM SDKs:

Sample Project Overview

We’ve used a fully working sample project to demonstrate the OAuth flow in action.

Frontend

A static interface built using HTML, CSS, and JavaScript.

Files include:

• index.html – login and data input page
• script.js – client-side login and record handling
• redirect.html – used to capture the grant token from Zoho

Backend

A Python server using Zoho CRM SDK to:

• Authenticate users using OAuth 2.0
• Store and manage tokens
• Fetch and manipulate CRM records

Download the Project Files here.

Note:

Before running the project, you’ll need to register your client in the Zoho API Console. Once registered, use the generated Client ID and Client Secret in your server code.

If you're planning to support users across multiple Zoho Data Centers (DCs):

• Be sure to enable Multi-DC for your client.
• Use the same client credentials (Client ID and Secret) for all the DCs during authentication.

Implementation Demo:

How the SDK Maps Tokens to Users

One of the key challenges in multi-user apps is ensuring that each user's tokens are stored and retrieved correctly. The Zoho CRM Python SDK handles this automatically.

As part of the OAuth flow, the SDK retrieves the user's email and organization info in the background using the scopes ZohoCRM.users.READ and ZohoCRM.org.READ. It then uses this unique user–org combination to:

• Store access and refresh tokens separately for each user
• Automatically update tokens when a user logs in again
• Ensure that all API calls are authorized with the correct tokens

If you're implementing Login with Zoho using the standard OAuth redirect flow, all of this is handled internally by the SDK using the user and org information retrieved during login. There’s no need to manually pass a UserSignature in the token object.

 

If you're not implementing Login with Zoho, or if you’d prefer to explicitly associate a token with a known user, you can pass a UserSignature object during initialization:

1. from zohocrmsdk.src.com.zoho.api.authenticator import UserSignature
   
   
   user = UserSignature(email)
   token = OAuthToken(..., user_signature=user)
   Initializer.initialize(..., user=user)

This ensures the SDK can correctly identify the token's owner and separate tokens for different users or orgs in a multi-user application.

Multi-User & Multi-DC Token Management

Authentication can often be one of the trickiest parts of any integration, especially when you're dealing with multiple users, environments, and token refresh cycles. With the Zoho CRM SDKs, much of that complexity is handled for you, from generating and persisting tokens, to refreshing them silently when they expire, and managing user-org mappings behind the scenes.

We hope this Kaizen gave you a clearer picture of how to use our SDKs confidently in your apps. Try out the project, play around, and see how it all works in real time. 

If you have any queries, let us know the comments below, or send an email to support@zohocrm.com. We'd love to hear from you.

Previous Kaizen : FAQs on Multi-Select Lookup (MxN) Field in Zoho CRM | Kaizen Directory

Download Links:

• Project Files - Frontend
  
• Project Files - Backend Server
  

Further Reading:

• Kaizen #191 : Implementing "Login with Zoho" using Python SDK
• Configuration and Initialization of Zoho CRM Python SDK (V7) for different client types
  
• Zoho CRM Scala SDK (V6) - Configuration and Initialization
• Zoho CRM SDKs                                                                                                

• Topic Participants

• Anu Abraham

  

• Sticky Posts

• Kaizen #197: Frequently Asked Questions on GraphQL APIs

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Kaizen #198: Using Client Script for Custom Validation in Blueprint

  Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Celebrating 200 posts of Kaizen! Share your ideas for the milestone post

  Hello Developers, We launched the Kaizen series in 2019 to share helpful content to support your Zoho CRM development journey. Staying true to its spirit—Kaizen Series: Continuous Improvement for Developer Experience—we've shared everything from FAQs

• Kaizen #193: Creating different fields in Zoho CRM through API

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Client Script | Update - Introducing Commands in Client Script!

  Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! Commands

• Recent Topics

• LinkedIn verification link and otp not receiving

  For the last 2 to 3 weeks I'm trying to verify my LinkedIn account to access my company's LinkedIn page, Linkedin is sending verification links and codes to this email address but I have not received any codes or links. Please help me here. Looking forward

• Zoho reply to not working. just reply to my self

  Hello. i using on my wordpress website a contact form from Wsform. i can set the reply to email there. normally it works. but since i am using your wordpress plugin zoho mail it doesn`t work. its not using the reply to (email from customer). I just can

• Mail Merge Stuck in Queue

  I am trying to send Mail Merge's and it never sends out to the full list. It always hits a portion and the rest remain in the "Queue" - the emails I am sending are time sensitive, so I need this to be resolved or have a way to push the emails through

• SMTP Email Sending Not Working for My Domains and Apps

  Hello Zoho Support Team, I am experiencing a critical issue with sending emails via Zoho SMTP for my domain humanhup.com. Both of my applications, HumanHup and CheapUI, are unable to send emails using Zoho SMTP, even though the same setup was working

• Receiving too many Spam Leads. Why?

  I am receiving so many junk leads from web forms created by zoho's platform. The junk queries are increasing day by day and are affecting our business. I am continuously following up with zoho team from the past one year but not getting any satisfactory

• Why is Zoho supporting the Proud Boys?

  Hello. This is the only way I can find to contact your company. There is someone in Maine posing as a law enforcement officer, attempting to kidnap immigrants. They are also recruiting for a known hate group. They have an email address hosted by Zoho.com.

• Composite Item - Associated/Component Items

  I am trying to find the Associated Item/Component Item field in the Composite Item Table in Analytics. Has anyone been able to find and utilize this field in Analytics?

• What is a a valid JavaScript Domain URI when creating a client-based application using the Zoho API console?

  No idea what this is. Can't see what it is explained anywhere.

• 🚀 WorkDrive 5.0: Evolving from a file sharing app to an intelligent content management platform: Phase 2

  Hello everyone, WorkDrive's primary focus has always been to provide an intelligent and secure content management platform, simplify collaboration, and be the central repository of files for all Zoho apps. In our previous announcement, we unveiled the

• Use openUrl() to edit a specific record

  I am working on a queue app for my organization. I have a master queue that is a report of meetings with workflow buttons to manipulate the records. One of these buttons I would like to open the record and edit for the purpose of changing the queue lookup

• why i cant access my web without the www

  please help me

• Send Whatsapp with API including custom placeholders

  Is is possible to initiate a session on whatsapp IM channel with a template that includes params (placeholders) that are passed on the API call? This is very usefull to send a Utility message for a transactional notification including an order number

• Help Centre Articles in Desk, Zia and iframe

  Hi, We embed SOP documents into articles from Scribe into using iframe. We are looking at zia indexing articles to present to agents to aid their work. Please advise if zia can view and learn from the content within the iframe?

• Rich Text/WYSIWYG Input Area

  I'd like to have an option on ZoHo creator to create an input text area for HTML/rich text formatting. :)

• How to create a directory report from one-to-many relationship

  Hi all, Newbie here. I'm converting an Access DB to Creator. I've learned Forms are tables and Reports are used to edit table rows, not Forms. I've got the data loaded and can maintain it with the Reports already done. I've done filtering and sorting,

• Change Default Selection for Lookup field

  I have a Lookup field that I have locked, when I unlock it - the user can select the proper Zone but I need it locked, since this may change based on user selection of another field. Example. There are 3 potential zones. User A selects the Hospital Account

• Restrict visibility and user permissions Creator 5

  I don't understand how restrict visibility for reports interacts with the already established role permissions. It seems that the default on restrict visibility has everything checked for all users, but I cannot set up different levels of permission for different individuals.  Right now I have three different ways to manage users and their access and it's confusing because everything has not migrated to Creator 5. Don't the role permissions extend to the reports as well? Are the selections under

• LMS - Why do Trainers have to be Users?

  I'm not sure why the software is set up where trainers must be users (i.e., employees). This should really be changed, as there are many cases (the majority of cases for some companies) where classroom trainers are external or contractors. If this is

• ZOho mail not stopped working with my domain.

  i have changed my name server settings in my domain sigmasquaretec.in . After that my emails are not working with ZOHO.

• Request to Cancel Zoho Mail Subscription

  Hello Zoho Team, I have migrated to Google Workspace and would like to cancel my Zoho Mail subscription for my organization. Organization Name: AR Creators Media Admin Email: roman@arcreatorsmedia.com Subscription ID: RPUS2005901960812 Please cancel the

• zoho smtp limit for free users

  What is Zoho SMTP limit for free users?

• Mailboxes and Alias Email Addeases - Best Palestine’s and Advice:

  Mailboxes and Alias Email Addresses - Best Practices and Advice: what is the best practice for the efficient means to manage And sort, alias, email addresses and third-party after or even the Zoho app itself. I am currently using both Thunderbird and

• Has anyone built a discussion forum with a Creator Portal?

  I have built a Creator app for organisations to apply for refurbished tools that are sent by a charity. The charity now wants recipient organisations to be able to connect with each other within a region or country, to share advice on maintaining the

• Ability for Super Admin to Set Locale Information for Users in Zoho Recruit

  Dear Zoho Recruit Team, I hope you're doing well. We would like to request the ability for Super Admins to configure Locale Information (Country/Region, Date Format, and Time Format) for users in Zoho Recruit. Currently these settings are only configurable

• Add a block or widget to Zoho Sites that allows users to create an interactive contact card with contact buttons (email, LinkedIn, website, etc)

  The proposed feature consists of a pre-designed, customizable block that displays a person's contact information (e.g., a speaker, sales representative, or independent professional) and offers quick access to: Email (icon with mailto: link) LinkedIn profile

• Zoho Recruit > Email Templates

  Dear All Background: We are using Zoho Recruit for the 4 business units under our group of company it our posting our of Job it will be done via our internal recruiter. In the Email templates, i want to be able to insert the individual business unit,

• Zoho Voice & Zoho Recruit/CRM

  Hello, I'd love to use Zoho Voice with Recruit and CRM but it would need something very important to me, that has been a game changer to my daily routine, like Calendly has been for scheduling interview. It's call transcription with AI. I'm using Noota

• Change start time after starting the timer

  Hello Projects Community, an amazing feature would be to change the start time of a running timer. I know this from some other time tracking softwares. Any idea about this? Best wishes Niels

• Sending possible. Receiving not possible.

  We are not receiving mail in our company email. Could you please solve this. It has been recurring and I want it to be resolved once and for all. Please help.

• Problema para enviar y recibir correos

  Buenos días, mi cuenta de correo secretaria@construccmauro.com presenta problemas y no me permite ni me envía ni recibe correos, me sale este error.No fue posible enviar el mensaje; Motivo: 554 5.1.8 Correo electrónico bloqueado saliente.  Aprende más., Agradezco

• Data access tasks like 'For each record' aren't supported for 'integration forms'.

  My code is not running because i get the error "Data access tasks like 'For each record' aren't supported for 'integration forms'." I have my integration setup with Zoho CRM + Zoho Creator, the form is visible and working on my zoho creator however in

• Zoho Reports Not Grouping from Subforms

  I have created reports from a subform. We have a budget from a standard field, and the bills added to a subform. I've summarised the bills in a field. In edit mode, the bills are joined per supplier, which is what we want. But then it converts and separates/duplicates

• Create Automation for the Field "Mark up by"

  Hello everyone, I'm importing expenses from Zoho Expense to Zoho Books. I want to auto-calculate the "Mark up by" field based on the custom field “Discount” I created before. The trigger of the workflow will be the creation of the expense itself. The

• Free Webinar Alert! Before vs After: Proven ROI from Zoho CRM + Workplace Integration

  Hello Zoho Workplace Community! Before: Scattered tools, lost leads, fragmented communication. Are you ready to stop the constant back and forth between tools to manage leads, emails, and team communication? After: Connected tools, streamlined processes,

• Zoho Forms to Zoho Sign Integration - Fields Missing

  If a Zoho Form has image fields, it seems these can't be transferred to a Zoho Sign template for digital signature. Is there any way of pre-filling Zoho Form images onto a Zoho Sign template? Many thanks.

• Is zoho SMTP slow today?

  Hi guys, Since yesterday I'm facing a slow communication over SMTP while sending emails. I already tried to use tls and ssl but nothing changes. There is anyone else experiencing related issues? I didn't find any maintenance in progress. Tested another

• Link project invoices to sales orders

  As a business owner and project manager I create estimates with my clients which then become sales orders. When billing for project work I want to invoice against the agreed sales order. I see that I can create invoices and link them to sales orders in

• The Urgent Need for Native Brazilian Payment Integrations: PIX and Direct Bank Connections

  Hello Zoho Team, I am writing to emphasize a critical functionality gap for Zoho Books in the Brazilian market: the lack of modern, native payment gateway integrations. The current options are insufficient. The Mercado Pago integration, for instance,

• How to Fetch Images from Related Modules in Zoho CRM Mail Merge Templates?

  Hi team , Hope this email finds you well. I have a requirement where I need to create mail merge templates within Zoho CRM in such a way that they fetch images from a record stored in a different module. The way it works is I have one module "A" which

• Zoho Calendar (Refresh Rate)

  Why don't the calendars refresh more than every 12 hours? That is crazy. I cannot be the only user who wants to see this change? I see and understand that I can MANUALLY update them, but need them to auto refresh either (1) whenever there is a change

• Next Page