Sample integration API with ZOHO CRM

Hello, welcome to this sample article for integration with ZOHO.

Implementing integration with an external (or internal) API that you need to authenticate with OAuth2.0 is relatively easy and quick to implement with Outsystems. What you need is an example, the path of the stones ... I hope I can help you here.


Basically, the process is as follows:

Perform the initial configuration on the ZOHO website, then perform steps 1, 2, 3 below:

1- You need to map and consume an EndPoint that generates an Authorization (Bearer token or simulate, depends on the partner) on the partner you want to consume the API.

2- You need to map and consume the authenticated methods of the partner API, passing the token generated in step 1 above.

3- Refreshing your access Tokens


Documentation ZOHO:

https://desk.zoho.com/support/APIDocument.do#self-client




Lets go create: Configuration on the ZOHO website at the link 

https://api-console.zoho.com/




Create Application: 





You ClientID and Client Secret in Outsystems API Get Token, with CODE Generate below:





The Generated Code is use in API Outsystems to Generate initial Token




Now let's go to Outsystems

1- You need to map and consume an EndPoint that generates an Authorization (Bearer token or simulate, depends on the partner) on the partner you want to consume the API.

EndPoint to generate the ZOHO Token:

https://accounts.zoho.com/oauth/v2/token?code={code}&client_id={client_id}&client_secret={client_secret}&redirect_uri={redirect_uri}&access_type=offline&grant_type=authorization_code



Note that the initial Token was successfully generated here



2- You need to map and consume the authenticated methods of the partner API, passing the token generated in step 1 above.


Note that here the Contact Inquiry returned a successful result.



3- Refreshing your access Tokens

You can implement the Token update, considering the URL https://accounts.zoho.com/oauth/v2/token?refresh_token= {refresh_token} & client_id = {client_id} & client_secret = {client_secret} & scope = {scope} & redirect_uri = {scope} redirect_uri} & grant_type = refresh_token




Hope this helps.


Att.,

Galter.







IntegrationZohoCRM.oml

That's some detailed info. Would surely be helpful to some. Thanks for Sharing Galter.


Cheers,

Tushar

Hi Galter, 

Thank you for posting this elaborate sample case. Within Outsystems you send all (secret) information within the URL. With that i wanted to know if there is a possibility to send the client id and client secret in the body or the header of the api call? 

The reason for this question is that the URL does not get encrypted with HTTPS. with with a simple network sniffer it is possible to capture the URL in plain text (including the parameters. aka client secret and such). 

Looking forward to your reply!

Cheers,

Jørgen

Champion

Hi Jorgen, first of all, thanks for the feedback on the article.


As for your question, the API call occurs via the HTTPS protocol (https://accounts.zoho.com/oauth/v2/token?).

The ZOHO platform documentation (https://www.zoho.com/accounts/protocol/oauth/web-apps/access-token.html) presents the usage example with the parameterization variables directly in the URL, however, because dealing with a post method, I believe that it would be possible to pass such parameters in the header yes, but I'm not sure of the information.

I will do a test soon, and update you here.


If you can test it before me, tell us if it worked.


A big hug.

Hi Galter,

In the mean time i worked at my Oauth 2.0 authentication with the party i am connecting. It works with the HTTPS POST with the required parameters in the body of the request. Perhaps that will also work for the ZOHO platform. 

I pass the parameters in the body as: {parameter}={value}&{parameter2}={value2}

I hope this also works for you because that would increase the Confidentially of your integration!

Cheers!

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.