Client Credentials

Hello everyone,

Welcome back to Kaizen. 

In this post, we will discuss Client Credentials Flow and when it can be used.

What is Client Credentials Flow?

According to RFC6749, the official specification for the OAuth 2.0 authorization framework, 

"The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client,or to protected resources previously arranged with the authorization server. Client credentials are used as an authorization grant typically when the client is acting on its own behalf (the client is also the resource owner) or is requesting access to protected resources based on an authorization previously arranged with the authorization server."

For Zoho CRM APIs, the credentials used are client id and client secret.

When can Client Credential Flow be used?

The client credentials flow is appropriate for machine-to-machine communications in which the application does not need to act on behalf of a specific user as the program can authenticate using just their own credentials to receive an access token. Here the credentials are client id and client secret.

Compared to the flow of creating access tokens in the self client flow, the client credentials flow can be used to perform one-time tasks like one-time data migration or testing Zoho CRM API calls, etc. We recommend using self client or server-based authorization for integration purposes. The main benefit of the client credentials flow is the simplicity in creating an access token, requiring only the client ID, client secret, OAuth scopes, and SOID.

If you are a first time user of Zoho CRMs, you can get started with Zoho CRM APIs by using the client credentials flow for authorization. Head over to Zoho CRM API Collection where a Client Credentials sample is added. Make sure that you have the required request parameters available in your environment for a smooth setup.

How to obtain access token in client credentials flow?

To obtain an access token using the client credentials flow, make an API call to the following endpoint

{accounts_url}/oauth/v2/token?client_id={client_id}&client_secret={client_secret}&grant_type=client_credentials&scope={scope}&soid={org_id_or_portal_id}

Request Parameters

• grant_type: Enter the value as "client_credentials".
• client_id: Specify the client-id obtained from the connected app.
• client_secret: Specify client-secret obtained from the connected app.
• scope:  Enter the corresponding scope for the resource you want to access from the user's account. Multiple scopes can be given in comma separated format.
• soid: Enter this parameter in the format ZohoCRM.{zsoid} where zsoid is the unique ID of your org or portal. If your application has multiple orgs or portals, the token created is bound to this org or portal. For example: ZohoCRM.600xxx46

Response

If successful, the response will look something like this:

{     "access_token": "1000.b2caxxxxx3c6",     "scope": "ZohoCRM.org.ALL ZohoCRM.settings.ALL ZohoCRM.users.ALL ZohoCRM.templates.email.READ ZohoCRM.templates.inventory.READ ZohoCRM.modules.ALL",     "api_domain": "https://www.zohoapis.com",     "token_type": "Bearer",     "expires_in": 3600 }

Response Keys

• access_token: Access token to access ZohoCRM APIs.
• scope: The scope for the resource you want to access from the user's account that was provided in the parameters.
• api_domain: The domain for API requests, varies by environment (e.g., sandbox.zohoapis.{domain}).
• token_type: Type of token obtained. "Bearer" indicates this is an access token.
  
• expires_in: Time in seconds after which the access token expires.

This completes the authentication. Once your app receives the access token, send the token in your HTTP authorization header to Zoho CRM API with the value "Zoho-oauthtoken {access_token}" for each endpoint (for each request).

The response does not contain a refresh token. When an access token expires, make an API call to the same endpoint to get a new access token (if required).

We hope you found this post useful. We will meet you next week with another interesting topic!

If you have any questions, let us know in the comment section.

Cheers!

Previous Post: Kaizen #163 - Extension Widgets in Zoho CRM | Kaizen Collection: Directory | Help document link: Client Credentials

• Topic Participants

• Mable Mary M P

  

• Colin Small

• Sticky Posts

• Kaizen #197: Frequently Asked Questions on GraphQL APIs

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Kaizen #198: Using Client Script for Custom Validation in Blueprint

  Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Celebrating 200 posts of Kaizen! Share your ideas for the milestone post

  Hello Developers, We launched the Kaizen series in 2019 to share helpful content to support your Zoho CRM development journey. Staying true to its spirit—Kaizen Series: Continuous Improvement for Developer Experience—we've shared everything from FAQs

• Kaizen #193: Creating different fields in Zoho CRM through API

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Client Script | Update - Introducing Commands in Client Script!

  Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! Commands

• Recent Topics

• Show backordered items on packing slip

  We send out a lot of large orders, and often there are one or two things backordered. How can I fix the packing slips to show quantity ordered  & quantity packed There should also be the ability to "ship" 0 of an item so the receiver knows that things

• Document | Files

  The vendor "Partial matches" still not fixed here after years of putting up with having to select most vendors manually ! ( again, the banking "Transaction rules" would solve a lot of these issues ) Some unwanted, irrelevant pdf's also arrive. It would

• books+POS+ tap to pay+ stripe

  So in the UK we now have tap to pay with stripe. So we can use the stripe app as a POS terminal. Brilliant news. Can we hope that the Books App might add this feature ASAP. It would be great to have one system rather than using the not very good Square

• Canvas Form View - Client Script Page on load - Url params not working

  We have a custom module with a canvas page for form view. We have a button in Customers module to open this canvas page using invokeurl function. We send few parameters as in the URL as query parameters. https://crm.zoho.in/crm/orgxxxxxxxx/tab/CustomModule12/create/canvas/64333200000261xxxx?layoutId=643332000002605001&c=${Customers.Customer

• Sending Recruit SMS's to Zoho Cliq - Or tracking in the Messages module in Recruit?

  Is there any way to send SMS Gateway messages in Recruit to ZOho Cliq? We use 2-way SMS massages a lot in Zoho Recruit to speed up communication with Candidates. However the only way to keep track of received SMS's is by keeping a look out for the Email

• This mobile number has been marked spam. Please contact support.

  Hi Support, Can you tell me why number was marked as spam. I have having difficult to add my number as you keep requesting i must use it. My number is +63....163 Or is Zoho company excluding Philippines from their services?

• Zohomail does not support additional fields in mailto links

  Hello, I set up Zohomail as default composer in Firefox according to manual here: https://www.zoho.com/mail/help/defaultcomposer.html#alink2 Later, I wanted to use this functionality to answer in a Linux mailing list thread using mailto link: mailto:xxxxx@kernel.org?In-Reply-To=%3C727o0521-q24p-s0qq-66n0-sn436rpqqr1p@example.com%3E&Cc=xxxxx%example.org&Subject=Re%3A%20%5BPATCH%20v2%28%29

• Is it possible to set a customer context variable in Zobot

  Hi, I want to use a context variable to route users down different paths in my Zobot chat flow. I know I can do this when the user enters data. But I want to know if I can use a variable that is 'hard coded' on the card, that the user is unaware of. Use

• Cannot change Blog Title

  There is nowhere to change the blog title. You can change the blog URL but that is making no difference to the text "Enter Your Post Title" am I missing something?

• Pending Sales Order Reports

  Pending sale order report is available for any single customer, Individual report is available after 3-4 clicks but consolidated list is needed to know the status each item. please help me.

• Kaizen #203 - Answering Your Questions | Handling API Limits and Error Responses

  Hi Everyone, Welcome back to yet another post in the Kaizen Series! We appreciate your keen participation in the 200th milestone celebration of the Kaizen series. We will continue to answer the queries we received through the feedback. When working with

• How to verify website ownership with google search console

  Hi, I am having a free .in domain provided by Zoho I have created a website on it now I want to verify my ownership to google webmaster. Can you please help me how to do that.

• Kaizen #89 - Color Coding using Client Script

  Hello everyone! Welcome back to another exciting Kaizen post. Today let us see how you can apply color codes to the List and Detail Pages of Zoho CRM using Client Script. Need for color code in Zoho CRM When you mark things with different colors as a

• "SPF record exceed the allowed limit of 10"

  Hi, I was wondering if there were a "universal Zoho SPF record" that would allow all my configured Zoho services that email things to meet this limitation ? or do I have to have an entry for mail, com, billing, etc?

• Zoho Mail android app update: Block & reject future emails, Report phishing, Spam alerts, Suspicious URL detection

  Hello everyone! In the most recent Zoho Mail Android app update, we have brought in support for the following features: Block & reject future emails Report Phishing Spam alerts in the mail details screen. Suspicious URL detection. Block & reject future

• What is Resolution Time in Business Hours

  HI, What is the formula used to find the total time spent by an agent on a particular ticket? How is Resolution Time in Business Hours calculated in Zohodesk? As we need to find out the time spent on the ticket's solution by an agent we seek your assistance

• Animated GIF Images in Chat

  I know this seems to be a small feature request but in a recent Cliq update Zoho disabled autoplay for animated GIFs posted in Cliq conversations. We think this was not a good change. In our organization, animated GIFs in a chat play a role in expressing

• I can't seem to login in to Mail Apps of MacOS /IOS

  Hi, i'm having trouble in signing in to mail apps from IOS. It's always come back to wrong passwords. But i already changed my password like 3 times. But still it says wrong credentials

• Profile Image Showing Incorrectly in Zoho Mail

  Hi everyone, I’m facing a serious issue with Zoho Mail. The profile image showing for my email address is incorrect — it’s not my image. When I send an email to my Gmail account, it displays someone else’s image. This looks very suspicious and can make

• I need access to my old email

  I need access to my old email bromzeman@zoho.com to verify it for forwarding. I can’t access the inbox to get the confirmation code. Please assist with recovery or forwarding. as you might already know, they made alot of the email addresses to have that

• Set Defaults for Email Groups

  Is there a way to set defaults for all of the groups that I establish as a moderator? For example, I want every group I establish to have the following settings: 1. Moderator is <user> 2. User is <user>, <user> 3. Notifications for new group turned

• LOGS FOR RECEIVED MAIL ( READ DATE & TIME)

  In Zoho mail we can extract the read logs of received mails so that we can see when we have read the mail and at what time & we have read it.

• Domain verification probem

  Hello, i use a domain from Namecheap with hosting from Cinfu when i try to verify my domain on zoho i get "TXT Verification failure" i even tried the HTML verification and the code appears but also giving me the verification failure error.

• Switching to Cloudflare email routing from Zoho Mail

  Hello, I'm currently working on migrating from Zoho Mail to Cloudflare's email routing solution. This requires changing MX and TXT records for our custom domain - when we do this, will our users still be able to log into their accounts and access an archived

• Un Subscription Button

  How can i Add the Un Subscription Button in Zoho mail

• Documents unable view and need to downlad

  I can't view .doc files in Zoho mail unless I download them, but I can view PDF files without downloading.

• we encountered a problem while sending your email. please try again later.

• Adding and removing people from groups

  We're having problems adding people to a group. Apparently Zoho has one email address and will not recognize a different email address.

• MAIL SEARCH IS NOT WORKING

  THIS ISSUE HAS BEEN BUGGING ME SINCE MORNING, PLEASE RESOLVE THIS AT THE EARLIEST

• URL Parameter on Help Center SIgn in link

  Is it possible to add a url parameter to the sign in link on the Help Center?

• migrating from HelpScout

  I am attempting to import a conversation file from helpscout into desk and am receiving size errors. What is the current file size restriction. Does anyone have any tips for a successful migration?

• Layout Rules Don't Apply To Blueprints

  Hi Zoho the conditional layout rules for fields and making fields required don't work well with with Blueprints if those same fields are called DURING a Blueprint. Example. I have field A that is used in layout rule. If value of field A is "1" it is supposed to show and make required field B. If the value to field A is "2" it is supposed to show and make required field C. Now I have a Blueprint that says when last stage moves to "Closed," during the transition, the agent must fill out field A. Now

• Article Name Sorting in Zoho Desk Knowledge Base (agent / admin side)

  Dear Zoho Desk Support, We are writing to request an enhancement to the Knowledge Base management feature within Zoho Desk. Currently, there is no option to sort articles by their name, which significantly hinders efficient article management, especially

• How to parse JSON data with SQL in Zoho Analytics?

  Hi all, I have a column with JSON data. I want to show this column in a chart, but it is very messy, and no JSON parsing function is supported on Zoho Analytics. data example: {"id": 5, "status": "false", "date": "15/10/22"} what I want to do in SQL is

• Ability to turn off "Would you like this amount to be reflected in the Payment field?" message

  Team, Is there any way to turn off the message" Would you like this amount to be reflected in the Payment field?" when I make a payment? This is so annoying. This happens EVERY TIME I put an amount in the Payment Made field.

• Add an Equation Field (Or update the Formula Field)

  Hi, I would like to be able to have one field as a Text Field with QR Code, and then have multiple Equation/Formula Fields that then take parts of that fields data with LEFT, MID, RIGHT, REGEX, etc. Thanks Dan

• How to parse column having JSON data using SQL?

  We have a daily sync from a PostgreSQL database that brings data into Zoho Analytics. Some of the columns store raw JSON data. We need to build SQL queries on top to parse data from JSON and store them in discrete columns. There is no option for "Data

• Enable report button based on the current user role

  Greetings  i have a report that contains action buttons, i want these buttons to appear as enabled only when the current logged in user has a certain role, for example only CEO role users will be able to use this button. but when setting the conditions

• 500 Internal Error In Mail API

  I'm getting 500 Internal Error when using mail API. I'm getting this error for this one account, it works fine for other Account IDs which I have in my system.

• Piss poor service in Support in Domains and email

  Srijith Narayanan B contacted me today. Very pleasant fellow. Just didn't want to tell him how bad your support service is. You help the person, but you leave before we can finish the next stage. Which causes a lot of frustration. It's been 8 days now

• Next Page