Enhancements to Custom Connectors in Zoho Creator

Enhancements to Custom Connectors in Zoho Creator

Hello everyone,

At Zoho Creator, we believe in providing you with the necessary tools to achieve a well connected ecosystem of apps. Our Custom Connectors feature is a testament to this, enabling you to integrate with a wide range of external services beyond those available through built-in connectors.

While our built-in connectors already cover over 500 popular services (with new ones being added regularly), custom connectors take this a step further by allowing you to connect with virtually any third-party service.

To make this powerful feature even more robust and enterprise-ready, we've rolled out a series of enhancements designed to support advanced authentication methods, enable secure cloud integrations, and ensure seamless connectivity with external services. In this post, we'll walk you through the most recent updates:
  • OAuth 2.0 - Client authentication modes
  • AWS Signature authentication 
  • Bearer token authentication
Let's explore each in detail:

OAuth 2.0 - Client authentication modes

Different APIs have varying expectations for how client credentials should be presented during OAuth token exchange. Until now, our OAuth authentication type assumed a single client authentication method, and users faced issues when credentials had to be sent in the authorization header. To address this, we've introduced a new Client Authentication option for custom connectors using OAuth 2.0. This allows you to specify how your client credentials (Client ID and Client secret) are transmitted to the authorization server during the token request process. You can choose from two options:
  • Include in the form data (Default): This method adds your credentials to the form data submitted within the body of the request.
  • Include in the authorization header: This method places your credentials in the request's security header using HTTP basic authentication.
Why this matters
  • Improved compatibility with APIs that enforce strict authentication rules
  • Smoother integrations with enterprise-grade APIs
  • Reduced authentication errors

Example
Assume you want to integrate Zoho Creator with Reddit, a popular social media platform. The Reddit API uses OAuth 2.0 and its documentation explicitly states that client credentials must be sent in the Authorization header using basic authentication.

Now, when configuring your OAuth 2.0 custom connector in Zoho Creator, you can simply select Include in authorization header under the Client Authentication field. This ensures your authentication flow will work as expected, without any custom code or middleware.

AWS Signature authentication

The industry-standard authentication required to securely interact with AWS services is now supported in Zoho Creator. The new AWS Signature 4 authentication type within Custom Connectors enables you to integrate with AWS services without relying on any middleware or authentication workarounds. This unlocks the ability to connect to a wide range of popular AWS services (such as S3, Lambda, DynamoDB, and more) and perform the required actions.

Why this matters
  • Enterprise-grade security for applications that deal with critical workloads or sensitive data
  • Seamless automation of workflows with your existing AWS infrastructure from within Zoho Creator
  • Complies with AWS's Signature Version 4 method, which ensures robust security and maximum compatibility while authenticating requests to AWS services
Example
Consider a setup where your organization generates critical business documents using a Zoho Creator application. You may need to store these documents in their AWS S3 bucket for recordkeeping and auditing purposes.

With the introduction of the new AWS Signature authentication in Custom Connectors, you can easily connect to S3 by providing your AWS credentials and region. Then you can use the invokeURL task to transfer documents from Zoho Creator to your S3 bucket.

This enables seamless and secure integration with AWS, bringing the full power of AWS's cloud capabilities into your Creator apps.

Bearer token authentication

Zoho Creator now supports Bearer token authentication. Many third-party services, like GitHub and Slack, use this authentication type, which is a lightweight method that enables secure API calls without the need for full OAuth. Now you can seamlessly integrate these services into your applications using custom connectors.

Why this matters
  • Eliminates the need for complex setups associated with other authentication types, like OAuth, making it ideal for APIs that use token-based access
  • Enables faster, hassle-free integrations with internal tools, developer platforms, and microservices
Example
Assume your sales team relies on Slack for internal communication. With Bearer token authentication now supported in Zoho Creator, you can establish a custom connector with Slack. Then you call Slack's API using invokeURL to automatically post updates to a channel whenever a new lead is generated.

In essence, this is a simpler, more secure path to connect Creator with modern APIs from GitHub and Notion to your own internal systems.

Help documentation

We've updated our help resources to reflect the recent enhancements to Custom Connectors. For detailed information, please refer to the Understand Connectors page.

Bonus: mTLS in Zoho Creator

While we're on the topic of custom connectors, let's wrap things up with a platform-level security upgrade. For the first time in the Zoho ecosystem, Zoho Creator now supports Mutual Transport Layer Security (mTLS) across all integrations. mTLS is available for both built-in and custom connectors. 

mTLS provides an added layer of security by enabling certificate-based, two-way authentication and ensures that both the client and server verify each other's identity. 

Why this matters
  • Particularly valuable for enterprises operating in zero-trust environments
  • Helps meet compliance requirements, such as HIPAA, ISO 27001, GDPR, and other industry standards
Availability
mTLS is currently available only on demand. Please reach out to our support team if your integrations require mTLS-based authentication.

These powerful enhancements reaffirm Zoho Creator's commitment to helping you build deeply integrated, enterprise-grade business applications—and we'll continue enhancing the platform to support your evolving needs. Stay tuned for more updates coming soon!

Till then,
The Zoho Creator Team

    • Sticky Posts

    • Zoho Creator - 2023 Release Projection 1

      Hello everyone! A very Happy New Year to you and your family. Hope you're all good and having a great time using Zoho Creator to make your lives easier and your businesses prosper. 2022 was an action-packed year for us at Creator, and we hope to continue

    • Zoho Creator User Group meetups in a city near you! - Oct - Nov, 2023

      Greetings from the Zoho Creator team! We're hosting a series of Zoho Creator meetups in various cities across the globe, and we'd love to meet you there! Our meetups are a great opportunity to network with industry peers, exchange ideas and best practices,

    • Zoho Creator - 2023 Release Projection 2

      Hello everyone! Time truly flies when you're having an incredible journey, and today we mark the completion of an eventful and action-packed six months. It feels like just yesterday when we embarked on this adventure together with the launch of our new

    • Upcoming Updates - August 2022

      Hi all, Greetings from the Zoho Creator team! Today we've got news for you on some exciting updates. And rest assured— there’s more to come! In this post, we'll be going over the upcoming features and improvements for this month as mentioned below. A

    • Introducing Zoho Creator's v2 APIs

      Hello App Creators, Welcome to Zoho Creator's v2 APIs! This post will serve as the central point for migrating implementations of Creator's current APIs (v1) to v2. Improvements that v2 brings OAuth-based authentication, which is more secure than the

    Nederlandse Hulpbronnen