Kaizen #116 - Client Types in Zoho API Console

Kaizen #116 - Client Types in Zoho API Console

Hello everyone!
Welcome back to another post in the Kaizen series!

This week, we will discuss different client types available in Zoho API Console, and when to use each.

When you register an app in Zoho API Console, you typically choose a client type based on how your application interacts with Zoho services.
Let us discuss the available client types and how authorization is handled for each.

Available client types

  1. Server-based
  2. Client-based
  3. Self client
  4. Non-browser-based
  5. Mobile-based

1. Server-based

If you have a web-based application that runs on a dedicated HTTP server and interacts with Zoho services by calling Zoho APIs via that server, you must register your app with this client type.
This client type is for applications that redirect the users to another URL on a web browser to authorize themselves, where they give consent to your application to use their data.
In other words, you must use this client type when you have a front-end web UI and require user intervention before your app can access user data via the dedicated server.

Consider that you are developing a web-based custom application. Users authorize that app via browser to allow their Zoho CRM data to be accessed and used by that application.
During the registration process in Zoho API Console, you would choose the "Web-based" client type.
OAuth 2.0 would be used for user authentication, allowing your app to securely access and interact with Zoho CRM data on behalf of the users.

Here is a gist of what happens:
  1. Users visit your website where you have the Login with Zoho button.
  2. When a user clicks it, that user will be redirected to accounts.zoho.com with the details of your app such as client ID, scope, redirect uri, access type as the URL parameters.
  3. Your app must make an API call to Zoho Accounts with the client ID, scope, redirect uri, and access type. Users are shown the data that your application wants to use.
  4. When users give their consent, Zoho redirects them back to your app.This will be the "Redirect URL" you give while registering your app.
  5. The redirect URL will have the authorization code(grant token) as one of the parameters, along with the location(user's domain).
  6. Your app must then make API calls from your web server to Zoho Accounts to generate access and refresh tokens with the generated grant token.
  7. You must store these tokens in your DB to access that user's data in Zoho CRM. While making API calls, you must send this access token in the header.
  8. Your app must also have the logic to regenerate access tokens from refresh tokens when the access token expires.
Note that your app must take care of storing user's details like email, organization ID, and tokens.

The following image shows the protocol flow.


You can use any of our server-side SDKs to simplify this process.
When you use our SDK, all you have to do is, generate the grant token and initialize the SDK with the client details and this token. The SDK takes care of access token generation, refreshing it, and token storage.


For more details, you can refer to the Accounts guide and CRM help doc.

2. Client-based applications

This client type is for applications that do not have a server and run exclusively on a web browser.
This is also called the Implicit flow as your app makes API calls to Zoho only when users are using your app.
This type of application loads data dynamically on the webpage, and accesses Zoho CRM data by making API calls via Javascript.

Consider the same example where there is a Login with Zoho button on your webpage.
Here is a gist of what happens when a user clicks it.
  1. Your app redirects the user to Zoho Accounts.
  2. Your app makes the authorization request with the client ID, redirect uri, scope, and response type as token.
  3. The user is shown the data that your webpage would use.
  4. When the user gives consent, Zoho Accounts sends the access token to the redirect uri as a parameter, along with the expiry time and the location of user's data in Zoho's accounts server.
  5. You can include the "email" in your scope parameter in the access token request to get user's information. The response will have a parameter called id_token that will be in the header.payload.signature format. You need to decrypt the payload section of the parameter using the base-64 decryption algorithm to get user information.
  6. Your app must then make API calls to Zoho with this access token to fetch data.
  7. When the access token expires, your app must take care of regeneration and storage.


As the API calls are made from your domain to a different domain(zohoapis.com), for security reasons, the browser will throw the CORS error. So, your domain will be registered while registering your app, and Zoho will know to allow the API calls made from that domain.

As the tokens are available on the browser itself, we recommend handling them with care.
When you use our client-side JS SDK, it automatically generates a new access token upon expiry.

3. Self Client Applications

When your application does not have a redirect URL or a UI, but performs only a backend job, and does not need user intervention, then you must choose this client type.

A self client is often used when the application and Zoho services are operated by the same entity, and you want to enable secure communication between them. For example, you have an internal reporting tool and integrate it with Zoho Analytics. In this case, both the tool and Zoho Analytics are operated by the same entity.
Similarly, consider that you have a legacy product management system and want to perform data sync between Zoho CRM and the system, then you must use the self client.

Here is a gist of what happens.
  1. You register your app as self client in Zoho API Console.
  2. You will get the client details such as ID and secret.
  3. You provide the scopes required for your app to access CRM data.
  4. You will receive the grant token.
  5. Your app must then make API calls to Zoho Accounts to generate access and refresh tokens.
  6. Your app can then use this access token to make API calls to Zoho CRM and use data.
You can refer to our older Kaizen post on this topic for more details.
Note that self client apps can also use any of our server-side SDKs. As already said, the SDK takes care of access and refresh token generation, refreshing the access token, and token storage.

4. Non-browser applications

This client type is for devices that do not have a user agent such a web browser. A TV, for instance.
Let us consider an example involving a smart TV application that integrates with Zoho ShowTime. In this scenario, the smart TV application acts as a non-browser client.
Here is how authentication is handled:
  1. You must register your smart TV app in Zoho API Console with the type "Non-browser application".
  2. Users install a dedicated Zoho ShowTime application on their smart TVs.
  3. When users launch the Zoho ShowTime application on their smart TV, they are prompted to authenticate with their Zoho ShowTime account.
  4. When they successfully authenticate, Zoho Accounts sends the grant token to your app, along with the user-code, device-code and verification URL,The user must go to this verification URL on a browser and enter the user-code to grant permission to the app.
  5. Meanwhile, your app must poll the accounts server using the grant token to check if the token has been received.
  6. When the user enters the user code, Zoho Accounts sends the access token to your app.
  7. Your app can then use the access token to make API calls to Zoho. Your app must take care of token storage and renewals.

Here is the protocol flow. For more details, refer to this doc.


5. Mobile-based applications

You must use this client type when you have developed an app exclusively for mobile devices. The protocol flow is similar to server-based application where a browser session is required for the users to authenticate.



Similar to server-side apps, mobile apps also need to handle redirection, token generation and storage.
If you use any of our Mobile SDKs, the SDK itself handles token generation and storage.

We hope you found this post useful. Let us know your thoughts in the Comment section or write to us at support@zohocrm.com.


Cheers!

    • Sticky Posts

    • Kaizen #198: Using Client Script for Custom Validation in Blueprint

      Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

    • Kaizen #226: Using ZRC in Client Script

      Hello everyone! Welcome to another week of Kaizen. In today's post, lets see what is ZRC (Zoho Request Client) and how we can use ZRC methods in Client Script to get inputs from a Salesperson and update the Lead status with a single button click. In this

    • Kaizen #222 - Client Script Support for Notes Related List

      Hello everyone! Welcome to another week of Kaizen. The final Kaizen post of the year 2025 is here! With the new Client Script support for the Notes Related List, you can validate, enrich, and manage notes across modules. In this post, we’ll explore how

    • Kaizen #217 - Actions APIs : Tasks

      Welcome to another week of Kaizen! In last week's post we discussed Email Notifications APIs which act as the link between your Workflow automations and you. We have discussed how Zylker Cloud Services uses Email Notifications API in their custom dashboard.

    • Kaizen #216 - Actions APIs : Email Notifications

      Welcome to another week of Kaizen! For the last three weeks, we have been discussing Zylker's workflows. We successfully updated a dormant workflow, built a new one from the ground up and more. But our work is not finished—these automated processes are

    • Recent Topics

    • Zoho One Unified Portal - Applications

      Hello, It is great to see the work on the New Unified Customer Portal. Thanks for that. The number of applications is limited though. It is now only around the Zoho Books ecosystem (Books, Expense...) and Zoho Social. = Are other applications planned

    • Marketing Tip #10: Start a customer loyalty program

      Winning a new customer is great, but keeping them coming back is even better. A loyalty program rewards repeat buyers with points, giving them more reasons to shop again. Over time, this builds trust and long-term relationships. Try this today: Set up

    • Zia Actions: AI-powered Workflow Automation for Faster and Smarter Execution

      Hello everyone, Updated on 12th Dec 2025 Zia actions for Workflow is available for Enterprise edition ONLY. These features are currently available in the following DCs: US, CA, EU, IN, and AU Email Auto reply and Content Generation are available as Early

    • Do Individual Forums within Categories, in Desk Community, Produce Their Own RSS Feed?

      Do Individual Forums within Categories, in Desk Community, Produce Their Own RSS Feed? If not, can anyone share a work-around that could help me get an RSS feed for individual category forums?

    • Incremental Migration Issue – Ticket Showing Resolution on Dec 9 Despite Urgent MX Cutover (Ticket ID: 152080262)

      I am experiencing an issue with Zoho Mail incremental migration from Rackspace. The initial full migration completed successfully, but the incremental migration for one mailbox failed immediately with the message: “User not exist” This appears to be a

    • Resend Client Portal Invitation + View Email Delivery Status

      Hi Zoho Team, We hope you are doing well. We would like to request two important enhancements related to the Zoho Creator Client Portal invitation process. At the moment, when we add a user to the Client Portal, Zoho Creator automatically sends an invitation

    • Get user last login

      1. Is there a way to programmatically get the last user login to trigger certain workflows? 2. Is there a way to programmatically access the custom fields on a user's account?

    • Seeking Zoho Creator Expert (Delivery Management App / Logistics Ops) — Built & Deployed Before

      Hi everyone, We’re building a Delivery Management App (focused on delivery operations for now) using Zoho Creator. We’re looking for a Zoho Creator expert who has already developed and deployed a similar delivery/workflow system and can assist us with

    • Adding Multiple Files to a Zoho Vault Entry

      There is a old blog post talking about adding multiple file attachments to one Zoho Vault Secret: https://www.zoho.com/blog/vault/introducing-new-features-in-zoho-vault-powerful-password-sharing-wider-storing.html Is that still possible, I can see how

    • FNB South Africa Bank Feed

      I should've thought this wouldn't work. As suspect, Zoho claims to be able to pull bank feeds from First National Bank (South Africa), but fails everytime. I suppose Xero (or even Sage One) is the way to go? If they (miraculously) get it to work again,

    • Zoho unreliable

      Some mails are delivered, others not. How can I trust Zoho any more? Some friends get my e-mail, some don't. Same with receiving e-mails: Some I get, some not. If I use Google, everything works well. But Zoho?!!! How to solve this problem? I already reported this problem before, but didn't get any reply. Thanks, Kim

    • the custom domain forwards by default to the old career site / how to switch it off??

      dear friends, how to switch off the old version of the career site?? The set up custom domain forwards directly to the old site, so that I cant publish it... Any ideas? Thank you! KR, Victoria

    • Preserve Ticket Issue Mapping When Migrating from Jira to Zoho Projects

      Hello Zoho Projects Team, We hope you are doing well. We are currently exploring a full migration from Jira to Zoho Projects, and we identified a critical limitation during the migration process involving Zoho Desk integration. Current Situation: We use

    • Recording Shopify/Amazon fees in Zoho Books - Zoho Inventory

      We are currently flushing out the connections between Shopify/Amazon and Zoho Inventory. For other users of Zoho Books - Zoho Inventory, where and at what point do you record the merchant fees associated with theses channels? I have gotten mixed responses

    • Pre-fill webforms in Recruit

      I don't want to use the career site portal (as I have my own already), but I would like to direct users to the application forms for each role, from my website job pages. Is there a way to pre-fill fields in Recruit application forms, so that I only have

    • Taxes Payable Adjustment

      I am from Canada and I need to make an adjustment to my Taxes Payable (HST) account.  Basically I need to take a portion of the amount within Taxes Payable and expense that portion to another account.  The adjusting entry would like like the following:

    • ASAP Widget Not showing "My Tickets"ed

      Hello Team, I have created a ZOHO ASAP Widget and embedded to my portal app.clearvuiq.com , widget renders ok and I can open tickets from widget. However I want my opened tickets to be visible in the widget. How can I achieve that?

    • How to view CRM Sales Orders in Desk

      What's the usual way to view all CRM sales orders linked to a contact, when viewing a ticket in Desk? I don't want to have to open a new tab to see the order in CRM. And the Desk CRM sidebar doesn't seem to be configurable. Would I have to use an extension

    • Kaizen #219: Actions API - Webhooks APIs - Part 1

      Hello all!! Welcome back to a fresh Kaizen week. In the previous weeks, we covered Workflow Rules APIs, Actions APIs - Email Notification APIs, Tasks Update API, and Field Update API. This week, we will continue with another Actions API - Webhooks API

    • Pricing Strategies: #3 Services never Stop with just Plans

      "Hey, while you're here, could you also take a look at the vegetable patch?" Aaron hears that line almost every week. He runs a small gardening service, the kind where customers subscribe to a simple monthly plan that includes basic maintenance, mowing,

    • Cropping Photos for Zoho Sites

      Hi, I'm wondering if there is a built in crop tool for zoho sites for my photos so I can crop them and see what the crop looks like on the site?

    • Possible for first Signer of Sign Form to specify the next signer in the sequence

      We have many use cases where multiple signers need sign the same document. We'd love to be able to use sign forms, where the a signer who uses the Sign Form link can specify the name and email address for the next person in the sequence.

    • BUG: Can't copy-paste data outside Sheet

      Currently I can't paste data copied from inside any of my Zoho Sheet files to any other app. Copy-paste works inside the sheet It does NOT work between two different sheets These sheets are built from automation templates Everything works fine if I create

    • Zoho CRM Community Digest - November 2025 | Part 1

      Hello Everyone! Here’s what came through in the first half of November: new updates and a few helpful community discussions with real, notable solutions. Product Updates: Android App Update: Inctroducing Swipe Actions You can now swipe left or right on

    • Truesync for Linux

      Is Truesync available on linux ?

    • Hidding/excluding specific picklist options from filter

      Hi. Is it possible to hide/exclude specific picklist options from this filter? I don't want them to be shown when someone tries to filter in the leads module

    • Subforms to Capture Multi-Row Data in Job Sheets

      Subforms transform your job sheets from simple checklists to powerful, data-rich forms. In field service work — whether maintenance, inspection, installation, or repair — a single job can involve multiple repeatable entries: readings, parts used, activities

    • Add "Fetch Composite Item" Action for Inventory

      I want to make a Flow that uses information returned in the GET call for Composite Items, and it's not currently available in Zoho Flow. Please consider adding this functionality.

    • Adress Labels for sending of the oder und barcode

      We want to print with my address labels to stick on the order of the ware can. there are these options?

    • printing individual labels - Dymo LabelWriter

      I am trying to print individual labels to my Dymo LabelWriter - has anyone done this? Latest Update (December 2025): The Canvas Print View is now available! We encourage you all to try it out and share your feedback with us. Learn more here: Zoho CRM

    • Zoho Creator for Agriculture

      Greetings, I am starting to work on  Zoho Creator specifically for the agricultural field, any recommendations, tips or ideas that might be helpful ? Also, if you are interested by any means in working on such project, kindly contact me. The project is

    • Custom Print Layout

      I would like to create a custom print layout of a Lead or Contact. Is there a way to do that? What I mean is that if I'm viewing a specific lead or contact I'd like to be able to print or export that lead/contact and only print and/or export certain information.

    • Print View

      Nothing happens when I'm in a module , ie; Contacts, and I hit the Print View Button. Even when it does come up and say "loading", nothing loads

    • Get Holiday ready with Zoho Mail's Offline mode

      With the holiday season right around the corner, this is the perfect time to get ready to unplug, relax, and enjoy a well-deserved break. In addition to preparing yourself, you can also make sure your organization members are set for their time away from

    • Solution to Import OST File into Office 365.

      MailsDaddy OST to Office 365 Migration Tool is an outstanding solution to recover OST files and migrate them into Office 365 without any hassle. Using this software users can multiple OST files into Office 365 with complete data security. It offers users

    • Zoho CRM Kiosk issues

      Firstly this is for a system on the AU servers if that makes a difference. Issues are as follows (For Kiosk): 1. Re-ordering fields in the screen builder is broken. The fields seem to be re-ordering themselves, unless you order everything by moving the

    • Email Template Edits Not Saving

      I can make an edit, click save, and see the blue bar annimation at the top, but the edits don't actually save. Important, because my email templates are now broken and clients are receiving bad emails. Tried on Chrome, Firefox and IE.

    • Can I have different users see different pick list values for Potential Stage?

      We have some users focusing on new business and others focusing on existing business, and they follow different sales processes/cycles, so we would like them to see different pick list values for Stage (eventually leading up to Closed Won/Lost in both cases).   And just to keep it interesting - some of these users will of course do a combination, so would need to see one pick list for their New business potentials and a different pick list for their Existing business ones.   Salesforce does this

    • Tracking Snippet not working in Zoho Marketing Automation!

      First off, the fact that you have to wait about 12-24 hours for every response is terrible. How are we supposed to conduct business? Second, we have been trying for several days to get the Tracking Code Snippet in marketing automation to work, to no avail.

    • Is there any way to send an Excel received by email to Dataprep?

      Every day I receive an email alert with an Excel file that I want to process through a Dataprep pipeline. To do this, I need to: -Save the file to disk -Open the pipeline -Run the pipeline -Update the source -Several clicks to select and open the saved

    • Next Page