Skip to main content

Zoho CRM: Generate Token

  1. Go to Zoho Developer Console, https://accounts.zoho.com/developerconsole.

  2. Click Add Client ID. alt text

  3. Enter the following details:

• Client Name: The name of your application you want to register with Zoho

• Client Domain: The name of your domain to be used in URLs to identify your web page

• Authorized Redirect URIs: A valid URL of your application to which Zoho Accounts redirects you with a grant token(code) after successful authentication

alt text

  1. Click Create. You will get Client id and Client Secret.

alt text

  1. Generating Grant Code: • Click Self Client. alt text

• Enter valid scope for the client. You can enter multiples scope for a client at a time. See the following link for more scope details. https://www.zoho.com/crm/developer/docs/api/oauth-overview.html#scopes

• Choose the expiry time from the drop-down. This indicates the time the grant token(code) is valid for.

• Click View Code to display the code. This is the Grant Token. Save this code and click Close. alt text

  1. Use this grant token to Generate Access and Refresh Tokens. • Open postman and create new Post request using following details URL : https://accounts.zoho.com/oauth/v2/token

Request Parameters

ParameterDescription
client_idSpecify the client-id obtained from the connected app.
client_secretSpecify the client-secret obtained from the connected app.
redirect_uriSpecify the Callback URL that you registered during the app registration.
codeEnter the grant token generated from the previous step.
grant_typeEnter the value as "authorization_code".

Response

alt text

tip

• Each access token is valid for only an hour and used only for the operations defined in the scope.

• Refresh token does not expire. Use it to refresh access tokens when they expire.

• You can only generate a maximum of five refresh tokens in a minute.

• A "User" in an organization can have a maximum of 20 refresh tokens. And each refresh token can have a maximum of 30 active access tokens (non-expired).

• When a user creates a 31st access token, the system deletes the first created access token. Similarly, when the user creates the 21st refresh token, the system deletes the first created refresh token.

Reference Links:

https://www.zoho.com/crm/developer/docs/api/register-client.html

Last updated on