Client Credentials

Hello everyone,

Welcome back to Kaizen. 

In this post, we will discuss Client Credentials Flow and when it can be used.

What is Client Credentials Flow?

According to RFC6749, the official specification for the OAuth 2.0 authorization framework, 

"The client credentials (or other forms of client authentication) can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client,or to protected resources previously arranged with the authorization server. Client credentials are used as an authorization grant typically when the client is acting on its own behalf (the client is also the resource owner) or is requesting access to protected resources based on an authorization previously arranged with the authorization server."

For Zoho CRM APIs, the credentials used are client id and client secret.

When can Client Credential Flow be used?

The client credentials flow is appropriate for machine-to-machine communications in which the application does not need to act on behalf of a specific user as the program can authenticate using just their own credentials to receive an access token. Here the credentials are client id and client secret.

Compared to the flow of creating access tokens in the self client flow, the client credentials flow can be used to perform one-time tasks like one-time data migration or testing Zoho CRM API calls, etc. We recommend using self client or server-based authorization for integration purposes. The main benefit of the client credentials flow is the simplicity in creating an access token, requiring only the client ID, client secret, OAuth scopes, and SOID.

If you are a first time user of Zoho CRMs, you can get started with Zoho CRM APIs by using the client credentials flow for authorization. Head over to Zoho CRM API Collection where a Client Credentials sample is added. Make sure that you have the required request parameters available in your environment for a smooth setup.

How to obtain access token in client credentials flow?

To obtain an access token using the client credentials flow, make an API call to the following endpoint

{accounts_url}/oauth/v2/token?client_id={client_id}&client_secret={client_secret}&grant_type=client_credentials&scope={scope}&soid={org_id_or_portal_id}

Request Parameters

• grant_type: Enter the value as "client_credentials".
• client_id: Specify the client-id obtained from the connected app.
• client_secret: Specify client-secret obtained from the connected app.
• scope:  Enter the corresponding scope for the resource you want to access from the user's account. Multiple scopes can be given in comma separated format.
• soid: Enter this parameter in the format ZohoCRM.{zsoid} where zsoid is the unique ID of your org or portal. If your application has multiple orgs or portals, the token created is bound to this org or portal. For example: ZohoCRM.600xxx46

Response

If successful, the response will look something like this:

{     "access_token": "1000.b2caxxxxx3c6",     "scope": "ZohoCRM.org.ALL ZohoCRM.settings.ALL ZohoCRM.users.ALL ZohoCRM.templates.email.READ ZohoCRM.templates.inventory.READ ZohoCRM.modules.ALL",     "api_domain": "https://www.zohoapis.com",     "token_type": "Bearer",     "expires_in": 3600 }

Response Keys

• access_token: Access token to access ZohoCRM APIs.
• scope: The scope for the resource you want to access from the user's account that was provided in the parameters.
• api_domain: The domain for API requests, varies by environment (e.g., sandbox.zohoapis.{domain}).
• token_type: Type of token obtained. "Bearer" indicates this is an access token.
  
• expires_in: Time in seconds after which the access token expires.

This completes the authentication. Once your app receives the access token, send the token in your HTTP authorization header to Zoho CRM API with the value "Zoho-oauthtoken {access_token}" for each endpoint (for each request).

The response does not contain a refresh token. When an access token expires, make an API call to the same endpoint to get a new access token (if required).

We hope you found this post useful. We will meet you next week with another interesting topic!

If you have any questions, let us know in the comment section.

Cheers!

Previous Post: Kaizen #163 - Extension Widgets in Zoho CRM | Kaizen Collection: Directory | Help document link: Client Credentials

• Topic Participants

• Mable Mary M P

  

• Colin Small

• Sticky Posts

• Kaizen #197: Frequently Asked Questions on GraphQL APIs

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Kaizen #198: Using Client Script for Custom Validation in Blueprint

  Nearing 200th Kaizen Post – 1 More to the Big Two-Oh-Oh! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Celebrating 200 posts of Kaizen! Share your ideas for the milestone post

  Hello Developers, We launched the Kaizen series in 2019 to share helpful content to support your Zoho CRM development journey. Staying true to its spirit—Kaizen Series: Continuous Improvement for Developer Experience—we've shared everything from FAQs

• Kaizen #193: Creating different fields in Zoho CRM through API

  🎊 Nearing 200th Kaizen Post – We want to hear from you! Do you have any questions, suggestions, or topics you would like us to cover in future posts? Your insights and suggestions help us shape future content and make this series better for everyone.

• Client Script | Update - Introducing Commands in Client Script!

  Have you ever wished you could trigger Client Script from contexts other than just the supported pages and events? Have you ever wanted to leverage the advantage of Client Script at your finger tip? Discover the power of Client Script - Commands! Commands

• Recent Topics

• Push Notifications Customization

  There is no way to customize the notifications we get. I would like to be able to get notifications based on if they are assigned directly to me, my team, my department, or perhaps tickets that match a specific criteria (a contact or account is a VIP

• Announcing Early Access to the next generation of Zoho Desk UI

  Customer service is one of the categories where efficiency and quality of service have to run in parallel, and your team's experience with their helpdesk goes a long way ensuring these aspects are uncompromised. Introducing DOT Design for Zoho Desk -

• Editing the record in report

  I have a use-case as below- User creates a assessment record by filling some fields. User assigns that record to portal user by using Assigned To dropdown (Assigned To is Users field in form with choices as customers). I have set the record owner of form

• Unified WhatsApp Number Management in Zoho Desk and SalesIQ

  Dear Zoho Desk Support Team, We are currently utilizing both Zoho Desk and Zoho SalesIQ for our customer support operations. While both platforms offer WhatsApp integration, we are facing challenges due to the requirement of separate WhatsApp numbers

• Can we have Bills of Material Module ?

  Can we have Bills of Material Module ?

• Main Ticket Page Customization

  We do not love the ticket list page (right after clicking Tickets menu item) would like options to customize it.

• Communicating with emojis

  On July 17, we celebrate World Emoji Day! We're a bit late 😐 sharing insights about this day. But we just couldn't let it pass without a mention 😊 because emojis have a meaningful connection with customer service 💬 🤝. We do not want to miss out on

• Agent Collision Missing from Mobile App

  Please add Agent Collision capabilities to the mobile app.

• Zia Sentiment and Functionality on Mobile

  Please add Zia sentiment and generative responses to the mobile app. It would be nice to see the ticket sentiment and generate a response back to a user using Zia on my iPhone

• View Account Attachments on iOS

  Please allow us to view account attachments on the mobile iOS app!

• How do I run a PnL by Sales Person?

  I am trying to run a PnL by sales person but am not seeing the option do so. All I need to know (per salesperson) is revenue, cost of goods, gross profit.

• View Contracts and Support Plans on Mobile

  We would like to be able to see contracts and support plans from the mobile app on iOS!

• Why is Zoho Meeting quality so poor?

  I've just moved from Office 365 to Zoho Workplace and have been generally really positive about the new platform -- nicely integrated, nice GUI, good and easy-to-understand control and customisation, and at a reasonable price. However, what is going on

• App like Miro

  Hi all, is there a way to have a interactive whiteboard like in Miro? We want to visualize our processes and workflows in an easy way.

• Loan repayment Entry

  While receiving loan, i does following steps in My Zoho books. 1. Create "Loan & Advance " Account as Parent Account under Long Term Liabilities. 2. Create another account For Example "Mr. ABC's Loan as Child account under the parent account. Now: In

• Quotes module send email reverted back into 2022??

  Our Zoho CRM PLUS quotes, sales orders, invoice modules is showing us an email composer from 2022. We cannot send emails and its been a real pain. I tried clicking the new version over there but it doesnt seem to do anything. Any help is welcome. th

• Workflow Condition - how do check that a date / time value is in the past?

  Hello, I'm got a workflow that runs a function when records reach their 'Effective Date / Time', but sometimes records are created after the 'Effective Date / Time' so I have another workflow that checks for records which needs to be processed immediately.

• Pre filling SignForm field values by URL field alias's in Zoho Sign

  Hi, Does anyone know if it's possible to pre fill the field values of the SignForm by using field alias's like you can in Zoho forms? To be more specific, I want to be able to change the SignForm URL to include some information like this: Before : https://sign.zoho.eu/signform?form_link=234b4d535f495623920c288fc8538cb9e6db03bbfd44499b63f3e5c48daf78f44bc47f333e2f5072cc1ee74b7332fe18b25c93fab10cb6243278d49c67eacbf30bbe5b6e1cc8c6b2#/

• How to Split Payout in Zoho Books (Without Using Journal?)

  Hi, I'm trying to properly record payouts in Zoho Books. The issue is that each payout is a combination of sales and expenses (fees). When I try to categorise the payout transaction from the Banking tab, I can only split the transaction using income-type

• Payment Schedule

  Please add the ability to create a payment schedule. The other options, like retainer invoices or two invoices, do not work for the customer.  We invoice a client and need to be able to show them everything they owe in one invoice, and when each payment

• Google Recaptcha V3

  Hi, Why, years later now, are we still waiting for Zoho Forms to incorporate Google Recaptcha V3 into it's systems? Come on Zoho this has been an ongoing issue for over a year now!! It should be a priority.

• Which pricing system do you think would work best for us?

  Imagine we’re selling strictly wholesale. We’d rather not publish unit prices; instead, we quote customers case-by-case. To spur larger orders, we’re considering a transparent discount ladder—say: $0 – $999: 0 % $1,000 – $1,999: 5 % $2,000 – $4,999: 10

• Add Support for Google reCAPTCHA v3 in Zoho Forms

  Hello Zoho Forms Team, We appreciate the security measures currently available in Zoho Forms, including Zoho CAPTCHA, Google reCAPTCHA v2 (checkbox), and reCAPTCHA v2 (Invisible). However, we would like to request the addition of support for Google reCAPTCHA

• Can't Remove Payment Gateway

  I am getting the error "Settings cannot be cleared as some of the transactions are still in progress." when trying to remove the PayGate payment gateway which I was unable to get working. I am now using paystack and I want to remove Paygate.

• Sync specific Zoho Inventory Warehouses to Zoho Commerce

  As said in the title, we would want to only sync stock from one warehouse of Zoho Inventory to the Zoho Commerce item stock. We have a 2 warehouses in different countries and the way that Zoho Commerce works (It takes stock from ALL WAREHOUSES EVERYWHERE

• Weekly Tips : Automatically clean clutter with Junk cleanup interval

  If you regularly receive many unwanted or spam emails, your Spam folder can quickly fill up and start taking up valuable storage space in your Zoho Mail account. Instead of manually clearing it every few days, you might find it helpful to enable automatic

• Any solution for getting portal users list in deluge or in widget

  Hi Team, Has anyone able to find the solution to get portal users list in deluge or in zoho creator widgets? Thanks, Payal

• The Grid is here!

  Hey Zoho Forms Community! 👋 We’re thrilled to announce the launch of a feature that’s been on your wishlist for a while: Grids What is Grids? Grids let you place form fields side by side in multiple columns to create a more concise and organized form

• Steuerberater der Zoho benutzt in Deutschland

  I write in English because the issue is related to German regulations. Wir sind ein Unternehmen, welches aktuell keine Pflicht zur doppelten Buchführung hat. Aktuell bucht unser Steuerberater jeden Beleg, auch unsere Auslagen. Wir würden dies gerne selbst

• GraphQL in new Send Webhooks feature

  Hello, is it possible to use GraphQL apis in the new Send Webhooks feature?

• # 2 Why do we need a billing system when accounting covers billing?

  In today's evolving financial tech stack, businesses use a mix of tools to manage their day-to-day operations, from invoicing to full-fledged accounting. While accounting platforms typically come with built-in invoicing features, specialized billing systems

• How to insert an Excel/Zoho Sheet table in a chat?

  Hello, is there a way to paste an excel/zoho sheet table to a conversation without loosing table lines. I tried to paste a piece of a table and all the columns and rows were gone. How to easily paste a table without a need of sending a file? Katarzy

• Mass Update Application Status

  How to update application statuses of Multiple Applications at once? Is that possible? If not then why please consider adding it It can save hours of manual work Thats the only Option I see

• Free webinar: Streamlining customer service paperwork with the Zoho Sign extension for Zoho Desk

  Hi there! Wondering how to bridge the gap between digitized customer service and business paperwork? Attend our free webinar to learn how you can do this by connecting Zoho Sign, our digital signature app, with Zoho Desk, our online customer service help

• Mail Search Not Working

  Hello, Mail search is not working at all. I've tried Chrome and Mozilla. I can try and search for an exact term, or even an email that is 1st in my email list. All search does is sit and spin, or it comes up with no results. I've also tried it on my android

• Cannot Send Email to a Gmail Account

  Hello, I have a zoho-hosted email account, alex@chirochannelnetwork.com that has trouble sending to gmail accounts.  But not all gmail accounts, only some of them. I've tried to figure this out with clients, and they don't appear to be going into their

• Unblock ME

  info@pentekykloi.gr Unable to send message;Reason:554 5.1.8 Email Outgoing Blocked. Learn more. I purchase additional storage

• The Social Wall: July 2025

  Hello everyone! July has brought some exciting new updates to Zoho Social. From powerful enhancements in the Social Toolkit to new capabilities in the mobile app, we’ve packed this month with features designed to help you level up your social media presence.

• Cannot Print Landscape with Zoho Sheet

  I am noticing that when using the Zoho Sheet desktop for Mac, that even when selecting landscape as the print option, once you choose "Print", a second system dialog opens that automatically makes the view portrait again, and does not allow printing in

• Power of Automation : Enhancing custom date field calculations by excluding Weekends and Holidays

  Hello Everyone, A Custom function is a user-written set of code to achieve a specific requirement. Set the required conditions needed as when to trigger using the Workflow rules (be it Tasks / Project) and associate the custom function to it. Requirement:

• Next Page