This is a guide on how to get an Zoho API Key to use with Postman.
To use the Zoho APIs, the users must authenticate the application to make API calls with an access token.
The access token, in return, must be obtained from a grant token (authorization code).
So I will show you how you can:
- Creating a new client in Zoho API Console
- Retrieving your Zoho Access Token
- Make Zoho CRM API call with your Zoho Access Token
Creating a new client in Zoho API Console
Go to Zoho - API Console at https://api-console.zoho.com/
Click "Add client".
Review the client types and choose that applicable client type for what you need the API for. I will use the "Self Client".
Select "Self Client".
In the "Create New Client" section, click Create
Confirm that you want to enable self-client, click OK.
Take note of the Client Secret details, as you will need that to use in Postman.
Use Postman to retrieve your Zoho Access Token
Download and install Postman if you have not already.
In Postman, we will download the following file:
- Zoho CRM API Collection JSON file (from Postman - Zoho CRM Developers)
- Zoho CRM API Environment JSON file (from Zoho - Zoho CRM Developer Forum)
We will add this to the following environment variables with their corresponding values:
- client-id: The consumer key generated from the connected app. You get this value when you register your application.
- client-secret: The consumer secret generated from the connected app. You get this value when you register your application.
- redirect-uri: A valid URL of your application to which Zoho Accounts redirects you with a grant token(code) after successful authentication.
- authorization-code: The grant token.
- access-token: The access token to access Zoho CRM APIs. The system automatically adds the value to this variable once the access token is generated.
- refresh-token: The refresh token to obtain new access tokens. The system automatically adds the value to this variable once the refresh token is generated.
- accounts-url: The domain-specific Zoho Accounts URL.
- api-domain: The domain name used to make API calls to Zoho CRM.
- expiry-time: Time in seconds after which the access token expires. The system automatically adds the value to this variable.
Sample values would look like the following:
- client-id: 1000.B0ZHPCUQ28WYA9LTXX524I096XQ49C
- client-secret: 574389e6fadef67301a1d1995465d06719f8851e1b
- redirect-uri: https://www.zoho.com/in/crm
- authorization-code: We will generate this in our next step.
- access-token: Leave blank*
- refresh-token: Leave blank*
- accounts-url: https://accounts.zoho.com
- api-domain: https://www.zohoapis.com
- expiry-time: Leave blank*
*Leave blank, as it will be generated later when we run an API call for our access token.
Generate authorization-code in Zoho API Console
In Zoho API Console, generate an authorization-code by going to our Self Client.
Click on "Self Client".
Fill in the "Generate Code" tab and click Create.
- Scope*: ZohoCRM.modules.ALL, ZohoCRM.org.ALL, ZohoCRM.users.ALL
- Time duration: 10 minutes
- Scope description: Anything you would like here. e.g. "Org, Users, Modules"
*Additional scopes you can use in the future here - Zoho Available Scopes.
Select your portal from the "Select Portal" menu.
Select the org, in my example, this is Production> Vu.
Once you select your org, it will give you a green tick.
You will now have a code generated in the "Generated Code" pop up window. It will look something like one of the examples below (depending on your scope).
Click Copy or Download.
Copy and download the authorization-code from Zoho API Console. In my example it is the following:
We will then select one of the "Generate Access Token and Refresh Token" API.
With "Generate Access Token and Refresh Token" API open, populate the following with the generated code.
- code: 1000.9c80875fefb31993a8e27216e26ff5ae.d128b593348bcc15b303f1774672171a
Specifically, we will add it to the "code" spot.
Once tested, you should get something like this:
If you check your Postman environment, you will now see the access token and refresh token autopopulated there. The system automatically adds values for access-token, refresh-token, and expires-in variables.
You're all set now! You can now testing the Zoho CRM API calls.
Make Zoho CRM API call with your Zoho Access Token
You can now start making Zoho CRM API calls. Here are some examples.
Using the GET Users from the Zoho CRM Users APIs, we can get these details.
More details on this GET Users API - https://www.zoho.com/crm/developer/docs/api/v2/get-users.html
If we ran the following in our Terminal (using the Access Token generated from earlier) then we could also see something similar as well.
curl "https://www.zohoapis.com/crm/v2/org" -X GET -H "Authorization: Zoho-oauthtoken 1000.8cb99dxxxxxxxxxxxxx9be93.9b8xxxxxxxxxxxxxxxf"
Now you can start testing other Zoho CRM APIs. Have fun!