How To Generate Access Token And Refresh Token For Server Based Application In Zoho Using Postman

May 31, 2021 1 3.7K

Selina Parmar

I am a senior WordPress Developer at Vision Infotech. I have expertise in Web Designing ...

In this tutorial, We are going to learn about How to get an Access token and Refresh Token Using Postman for ZOHO CRM.

There is a need to create an application to get a Client ID and CLIENT SECRET Key.

Go to Zoho Developer Console.

Here are the options for client type.

  1. Client-based Applications
  2. Server-based Applications
  3. Mobile-based Applications
  4. Non-browser Applications
  5. Self client

You can choose the Client type as per your requirements.

Here I am going to show you Server-based Applications.

1 Register Your Client Application

Step 1: Choose Server-based Applications

 Step 2:  You need to Add Client Name, Homepage URL, and Authorized Redirect URLs.

Step 3: After creating an app you can see Client ID and Client Secret

2 Make the Authorization Request

To generate Authorization code for Server-Based Client Application.

Request URL Format:

https://accounts.zoho.com/oauth/v2/auth?response_type=code&client_id=<client_id>&scope=<scope>&redirect_uri=<redirect_uri>&access_type=offline

Mandatory Field:

client_id: Client ID was generated while registered the client application. Kindly refer to step 3

scope: Use Zoho scope as per the requirement. For example, For CRM ZohoCRM.users.ALL, ZohoCRM.modules.ALL

redirect_uri: Use Redirect URL which has added while registered the client application. Kindly refer to step 2

Optional Field:

access_type: Its value can be “Online” or “Offline”. When you set it as “Offlineyou will able to get the refresh token along with the access token

prompt: Its value must be consent. whenever a user wants to make a request for the access token using refresh token this will be mandatory

Here is the Example request:

https://accounts.zoho.com/oauth/v2/auth?client_id=1000.XXXXXXXXXXXXXXXXXXXXXXX&response_type=code&access_type=offline&scope=ZohoCRM.users.ALL,ZohoCRM.modules.ALL&redirect_uri=https://testing.com/

You should pass this URL in your browser then you can see the access permission.

After accepting the access permission you will be redirected to the redirect URL which you have mentioned in the request.

When you will be redirected you can see Code=” 1000.xxxxxxxxe1a88.xxxxxxxx40a3” location and accounts-server.

This code is your Authorization code.

3 Generate Access Token and Refresh Token

Request URL Format: 

https://<base_accounts_url>/oauth/v2/token?grant_type=authorization_code&client_id=<client_id>&client_secret=<client_secret>&redirect_uri=<redirect_uri>&code=<authorization_code>

Request Method: POST

Where, 

base_accounts_url: Base URL of your Zoho Account. Example: accounts.zoho.com

client_id & client_secret: Client ID and Client Secret were generated while registered the client application. Kindly refer to step 3

redirect_uri: Use Redirect URL which has added while registered the client application. Kindly refer to step 2

code: Authorization Code which is generated before.

 

Here is the Example request:

https://accounts.zoho.com/oauth/v2/token?grant_type=authorization_code&client_id= 1000.xxxxxxxxxxHF2C6H&client_secret= 1000.xxxxxxxxxxHF2C6H&redirect_uri=https://testing.com/&code=1000.XXXXXXXXXXXXXXXX5e923.XXXXXXXXXXXX9c824

Response View:

4 Refresh the Access Token

Access Tokens expires in an Hour. You can create an access token using the refresh token which we have created in the previous step.

Request URL Format:

https://<base_accounts_url>/oauth/v2/token?refresh_token=<refresh_token>&client_id=<client_id>&client_secret=<client_secret>&grant_type=refresh_token

Request Method: POST

Where, 

base_accounts_url: Base URL of your Zoho Account. Example: accounts.zoho.com

client_id & client_secret: Client ID and Client Secret were generated while registered the client application. Kindly refer to step 3

refresh_token: Use the refresh token which we have created in the previous step.

Here is the Example request:

https://accounts.zoho.com/oauth/v2/token? refresh_token=1000.XXXXXXXXXXXXXXXX5e923.XXXXXXXXXXXX9c82&client_id= 1000.xxxxxxxxxxHF2C6H&client_secret= 1000.xxxxxxxxxxHF2C6H& grant_type= refresh_token

Hope You have got a better understanding.

Selina Parmar

I am a senior WordPress Developer at Vision Infotech. I have expertise in Web Designing and Development with PHP WordPress. I have enough skills in HTML, CSS, Bootstrap, JavaScript, jQuery, SQL, Web API. Also additionally I can do integration of the Zoho Platform using deluge code. Zoho integration with Wordpress platform. 3rd Party API Integration with Zoho using PHP and Deluge.
Read More

1 Comment

  1. Robin
    Robin on December 15, 2021 at 3:56 pm

    thanks very much for this – really helped me – zoho should really put this page of yours into their docs…

    0
    0
    Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe

Select Categories