Zoho
Overview
Pre-built tooling
Pre-built integrations
No pre-built integration yet (time to contribute: <48h)
Access requirements
Pre-Requisites | Status | Comment |
---|---|---|
Paid dev account | ✅ Not required | Free Zoho account is sufficient for development. |
Paid test account | ✅ Not required | Free Zoho account is sufficient for testing. |
Partnership | ✅ Not required | |
App review | ✅ Not required | No review process for OAuth apps. |
Security audit | ✅ Not required |
Zoho Providers
Zoho offers multiple services, each with its own API. In Nango, these are represented as separate providers:
- Zoho Bigin - CRM for small businesses
- Zoho Books - Accounting software
- Zoho CRM - Customer relationship management
- Zoho Desk - Customer support software
- Zoho Inventory - Inventory management
- Zoho Invoice - Invoicing software
- Zoho Mail - Email service
- Zoho People - HR management
While each Zoho service has its own specific API endpoints and scopes, the OAuth setup process is similar across all Zoho services. This guide covers the general setup process for Zoho OAuth applications.
Setup guide
Create a Zoho account
- If you don’t already have a Zoho account, go to Zoho’s signup page and create one.
- Sign in to your Zoho account.
Access the Zoho API Console
- Go to the Zoho API Console.
- Sign in with your Zoho account if prompted.
Create a new client
- In the API Console, click on the Server-based Applications card.
- Click the Create button to create a new client.
- Fill in the required information:
- Client Name: Enter a name for your application.
- Client Domain: Enter the domain name of your application (e.g., example.com).
- Authorized Redirect URIs: Enter
https://api.nango.dev/oauth/callback
- Description: Provide a brief description of your application.
- Click Create to register your client.
Select the appropriate scopes
- After creating your client, you’ll need to add the appropriate scopes based on which Zoho service(s) you want to access.
- Click on the Add Scope button.
- Select the Zoho service you want to access (e.g., CRM, Books, Desk, etc.).
- Choose the specific scopes you need for that service.
- Click Save to add the selected scopes.
Note: Each Zoho service has its own set of scopes. Refer to the specific service documentation for details on available scopes.
Obtain your OAuth credentials
After creating your client, you’ll receive:
- Client ID: A unique identifier for your application
- Client Secret: A secret key for your application
Make sure to store these securely, especially the Client Secret, as you’ll need them when configuring your integration in Nango.
Configure your integration in Nango
When setting up your Zoho integration in Nango:
- Use your Client ID and Client Secret from the previous step
- For the authorization URL, use:
https://accounts.zoho.{datacenter}/oauth/v2/auth
- For the token URL, use:
https://accounts.zoho.{datacenter}/oauth/v2/token
Note: Replace {datacenter}
with the appropriate domain extension based on your account’s location:
com
for US and global accountseu
for European accountsin
for Indian accountscom.cn
for Chinese accountscom.au
for Australian accounts
You can determine your datacenter by checking the URL you use to access Zoho services.
Understand the OAuth flow
The Zoho OAuth flow follows these steps:
- Users are redirected to Zoho’s authorization page
- Users log in to Zoho and approve access for your application
- After authorization, users are redirected back to your redirect URL with an authorization code
- Your application exchanges this code for an access token using the token endpoint
- The access token is used in the
Authorization: Bearer {access_token}
header for all API requests - Zoho also provides a refresh token that can be used to obtain a new access token when the current one expires
Test the OAuth flow
- After configuring your integration in Nango, test the OAuth flow to ensure it works correctly.
- The authorization flow will redirect users to Zoho where they can approve access to their account.
- After approval, users will be redirected back to your application with an authorization code.
- This code will be exchanged for an access token that can be used to make API requests.
Next
Follow the Quickstart.
Useful links
- Zoho API Console
- Zoho Developer Hub
- OAuth 2.0 Overview
- Server-based Applications
- Get Authorization Code
- Get Access Token
- Refresh Access Token
- Multi DC Support
- OAuth Scopes
- Zoho Bigin
- Zoho Books
- Zoho CRM
- Zoho Desk
- Zoho Inventory
- Zoho Invoice
- Zoho Mail
- Zoho People
Common Scopes
Each Zoho service has its own set of scopes. Here are some common scopes for popular Zoho services:
-
Zoho CRM
ZohoCRM.modules.ALL
- Access to all CRM modulesZohoCRM.settings.ALL
- Access to all CRM settingsZohoCRM.users.ALL
- Access to all CRM users
-
Zoho Books
ZohoBooks.fullaccess.all
- Full access to Books dataZohoBooks.contacts.READ
- Read access to contactsZohoBooks.invoices.READ
- Read access to invoices
-
Zoho Desk
Desk.tickets.ALL
- Access to all Desk ticketsDesk.contacts.READ
- Read access to Desk contactsDesk.search.READ
- Search functionality in Desk
-
Zoho Mail
ZohoMail.accounts.READ
- Read access to mail accountsZohoMail.messages.ALL
- Access to all mail messages
-
AaaServer
AaaServer.profile.READ
- Read access to user profileAaaServer.profile.UPDATE
- Update access to user profile
API gotchas
-
Zoho uses datacenter-specific URLs for authentication. Make sure to use the correct datacenter domain extension (
com
,eu
,in
,com.cn
,com.au
) based on where your user’s account is registered. -
Zoho has rate limits that vary by service. Check the specific service documentation for details.
-
If your application needs to access multiple Zoho services, you need to request scopes for each service during the authorization process.
-
For production applications, consider implementing multi-datacenter support to handle users from different regions.