Kaizen 141 Zoho CRM's API Collection in Postman
Hello everyone!
Welcome back to another week of Kaizen!
In today's post, we will discuss:
- What is Postman?
- Zoho CRM's API Collection in Postman
- Where is it available?
- Prerequisites for using the collection
- Forking the API Collection from Zoho CRM Developer Workspace
- Setting up the environment
- Registering a Client in Zoho API Console
- Generating tokens
- Making an API call
- A quick alternative to token generation using Guided Auth
1. What is Postman?
- A popular tool for API development and testing.
- User-friendly interface for making API requests, viewing responses, and managing different environments.
2. Zoho CRM's API Collection in Postman
- Boilerplate requests that you can use to test and explore the CRM APIs in various environments for multiple organizations.
- Makes the process of exploring APIs swift and effortless. It also significantly reduces the risk of errors.
3. Where is it available?
The Zoho CRM API Collection is available in Zoho CRM Developers workspace in Postman.
4. Prerequisites for using the Collection
- A Zoho CRM account to access the Zoho API Console.
- A registered client (self-client/web-based) to generate an org-specific grant token.
5. Forking the API Collection from Zoho CRM Developer Workspace
- Download and install Postman.
- In the Postman app, click the search icon at the top bar and type Zoho CRM Developers. The Zoho CRM Developers Workspace opens.
- Click Collections on the left bar.
- Click the more actions icon.
- Click Create a Fork.
- Give a name to your collection, and choose the workspace you want to save it to.
- You can select one or more environments to fork and pin to the collection.
- Click Fork Collection. Forking will happen in the background.
6. Setting up the environment
An environment is a group of variables that you can reuse in API requests and scripts.
- Click Environments on the left bar.
- Click Create Environment and give it a name.
- Under Variable, add the following variables:
client-id
client-secret
redirect-uri
authorization-code
access-token
refresh-token
accounts-url
api-domain
expiry-time
7. Registering a client in Zoho API Console
For your app to be able to use users' data in Zoho CRM across multiple orgs, you must register your app as a client in Zoho CRM.
In this post, we have used Self Client as the client type. For details about when to choose between a self-client and web-based client, refer to this Kaizen post.
- Go to Zoho API Console.
- Click Add Client.
- Choose Self Client from the list of client types and click Create Now.
- You will see the client ID and client secret.
8. Generating the tokens for a self client
Zoho CRM APIs follow the OAuth2.0 protocol for authentication.
This involves three tokens viz, grant token(authorization code), access token and refresh token.
- Grant token - Also called the authorization code, for a self client, this token is generated in the API console itself. This token informs Zoho's authorization server(Zoho Accounts) that your app wants to access Zoho CRM users' data(bound by scopes). This token is environment-specific, i.e, if you choose a production org while generating this token, you can access Zoho CRM data in the production environment only. This token is valid from 3 minutes to 10 minutes based on what you choose in the console.
- Access token - After you have authenticated your app and generated a grant token, you must exchange it with Zoho Accounts for an access token. This access token will also have the same scopes as your grant token. This token is valid for one hour. You must send this token in the header of every API call as a bearer token.
- Refresh token - Since the access token is valid only for an hour, you can use the refresh token to generate a new access token. Instead of creating a grant token again for the same scopes and generating another access token, you can directly use the refresh token and get a new access token with the same scope. Refresh token is valid until you revoke it.
Let's see how to generate these tokens.
Creating the grant token is a one-time process. After you generate access and refresh tokens using the grant token, you can simply use the refresh token to create new access token every hour.
9. Making an API call
Now that we have generated the tokens, let's make an API call using the access token.
- Navigate to V6 > REST APIs > Records > Get Records > Accounts.
- You can see the request with a few fields already in place.
- Modify the parameters as required.
- Under Auth, you can see the variable {{access-token}} that holds the access token we generated earlier.
- Hit Send to get a response.
10. A quick alternative to token generation using Guided Auth
Postman has introduced a new flow called the Guided Auth. This method allows new users to acquaint themselves with making API calls and testing them, without the hassIe of setting up a client.
In this flow, Zoho acts as the client and takes care of generating the grant and access tokens for a set of pre-defined scopes.
Follow these steps to use Guided Auth.
- Click Set Up New Authorization in Postman.
- Click Authorize. You will be redirected to Zoho's Login page.
- Sign in to your Zoho account.
- Choose the org for which you want to generate the token.
- Click Agree on the consent screen to grant permission to use your Zoho CRM data as per the scopes on the screen.
In the backend, Zoho generates the grant and access tokens, and you will see the access token in your Postman instance under Auth Credentials.
Note that flow does not give you a refresh token. This method is only to get a head-start with APIs without facing authorization errors. As always, the access token is valid for an hour, after which you have to follow the process of authorizing Zoho to generate another token.
As you can see, when you use our API collection, making API calls to Zoho CRM is a piece of cake as all the requests are already in place with examples.
We hope you found this post useful. We'll meet you next week with another interesting post!
Cheers!
Topic Participants
Shylaja S
Vigneshwaran K
Sticky Posts
Extension pointers for integrating Zoho CRM with Zoho products #8: Upload and manage Zoho Workdrive folders and files from within Zoho CRM
Keeping records on your customers and business prospects is essential for tracking data, conducting follow-ups, and running a business smoothly. When you use two separate applications, and store relevant data in each, checking and tracking data becomesKaizen #142: How to Navigate to Another Page in Zoho CRM using Client Script
Hello everyone! Welcome back to another exciting Kaizen post. In this post, let us see how you can you navigate to different Pages using Client Script. In this Kaizen post, Need to Navigate to different Pages Client Script ZDKs related to navigation A.Extension pointers #13: Handle cases with personalized solutions using custom actions
In our last post, we detailed the steps involved in creating a custom action and the workflow from the developer and end user's side. Now let's look at a working example of how we can create a custom action and implement it in a Zoho CRM account to makeExtension pointers - Simple yet significant pointers #13: On change of field value for CRM variables
CRM variables provide global access to a variable across an entire extension. They also help in the storage of user-specific data provided by the user at the time of installation, which can later be fetched to perform data functionalities. Additionally,Extension pointers #14: Extend end-user benefits and allow personalization by implementing extensions with custom actions
From our earlier post on custom actions, we know that we can create templated actions, share them with end users, and allow them to reuse those actions to achieve personalized outcomes. In this post, we'll look at how custom actions make it easy for users