I’ve done a lot of Zoho Desk API integrations in recent years.  It’s not always straightforward, or well documented, so I’ve put together this page to help others.

If you want any professional help integrating your apps with Zoho APIs, get in touch, and we can chat about what you are doing.

 

Zoho API tokens

The Zoho API uses a token model.  You need to create a refresh code, which never expires.  Once you have the refresh code you use this to get an access code, which does expire.  And so you need to manage this access code, renewing when necessary.

Here’s a rough model

  1. Get a code (this expires in max 10 minutes)
  2. Get a refresh code from the code. The refresh code never expires.
  3. Get an access code from the refresh code. This access code lasts 1 hour. Refresh when expired using the refresh code.

Here is how to get your refresh code.

  1. Login to https://api-console.zoho.eu (or https://api-console.zoho.com)
  2. Select Self Client
  3. Generate Code
  4. Scope e.g. ‘ZohoCRM.modules.ALL, ZohoCRM.settings.ALL’ for CRM or ‘ZohoCRM.modules.ALL, ZohoCRM.settings.ALL, Desk.tickets.ALL, Desk.contacts.ALL, Desk.settings.ALL , Desk.basic.ALL’ for Desk
  5. Time Duration = 10 minutes
  6. Description = Something useful
  7. Copy the code

Get the refresh code

Make a post call using Postman or similar.

  1. URL = https://accounts.zoho.eu/oauth/v2/token (or .com)
  2. Body fields are client_id, client_secret, grant_type = authorization_code, code =
  3. Make the POST
  4. Copy refresh_token from the response.
  5. This refresh_token is then used to generate your access_code, which you'll probably put in your .env or config file.

401 error returned by Zoho desk API call

This is mostly likely that you do not have the correct privileges on set on the Self Client.  Check them and get a new refresh code if you change the settings.