Zoho Recruit | Authorization Request

Authorization Request

To authorize your application, you need to redirect the user of the client application to the appropriate authorization endpoint. On a successful login, Zoho Recruit will call your redirect URI along with an authorization code.
Note: 
You must make the authorization request from https://www.accounts.zoho.com/ for EU and IN domains. After the request is successful, the system will automatically redirect you to your domain.
For US domains, make the authorization request from https://www.accounts.zoho.com/
For EU domains, make the authorization request from https://www.accounts.zoho.eu/
For CN domains, make the authorization request from https://www.accounts.zoho.com.cn/
For IN domains, make the authorization request from https://www.accounts.zoho.in/
For AU domains, make the authorization request from https://www.accounts.zoho.com.au/
You can obtain the grant token in one of the following ways:
  1. Redirection-based code generation
  2. Self-client option

Redirection-Based Code Generation  

This method allows application users to authorize the application and obtain the grant token (code) from the address bar of the browser.
  1. After you receive your client ID, enter the following authorization URL in your browser

Parameter

Description

scope

The data that your application wants to access.

client_id

The client ID (consumer key) that you obtained during client registration.

redirect_uri

The callback URL that you specified during client registration

response_type

Enter code.

access_type

Enter access_type as online or offline. If you want to generate the refresh token, set this value as offline.
  1. Click Accept. The browser will redirect you to the redirect_uri you specified during client registration.
    Note: If you click Reject, the browser will redirect you to your domain with the parameter error=access_denied in the address bar. Your application is denied access to the data in your Zoho Recruit account.
  2. Your browser will display the following URL in the address bar

    {redirect_uri}?code={grant_token}&location=us&accounts-server=https%3A%2F%2Faccounts.zoho.com

  3. Make a note of the code={grant_token} parameter. This is your grant token. Use this to generate access and refresh tokens.
    Note: The grant token is valid only for one minute.
  4. The authorization URL contains the scope for users. You can change the scope as required.

Self-Client Option  

Use this method to generate the grant token if your application does not have a domain and a redirect URL. You can also use this option if your application is a standalone server-side application performing a backend job.
  1. Click on the vertical ellipsis on the client row and select Self Client.
  2. Enter a valid scope for the client. You can enter multiples scopes for a client at once.
  3. Choose the expiry time from the dropdown. This indicates the time the grant token (code) is valid for.

  4. Click View Code to display the code. This is the grant token. Save this code and click Close.
  5. Use this grant token to generate access and refresh tokens.