Migrating to Oauth 2.0

Migrating to Oauth 2.0

This article will help you generate access and refresh tokens from the existing auth token for redirection based applications and self-client applications. You can use the API version 1.1 when:
  1. Your application has multiple users and it obtains their username and password to generate an auth token
  2. Users input their auth tokens

Migration for redirection based application

Prerequisite

The application owner must share the client ID, auth token scopes, and the required Oauth scopes over an email to support@zohocampaigns.comAt Zoho Campaigns, we will validate the details and configure them in Zoho Accounts. After successful validation, we will inform the application owner about the client upgrade over an email.

How it Works?

Migration for redirection based applications happens in a phased manner.
  1. After successful validation from the service team, the external application will access the "Migration for Redirection-based Applications" API with the client ID, client secret, and auth token.
  2. Zoho Accounts will check whether the parameters passed in the request are already verified.
  3. After successful validation, Zoho Accounts will provide the Oauth access and refresh tokens to the application.

Request URL

Request method

POST

Parameters

Parameter
Data type
Description
client_id
string
Specify the client ID you obtained while registering your application
client_secret
string
Specify the client secret generated from the connected application.
grant_type
string
The grant type must be authtooauth.
authtoken
string
Specify your auth for token.

Possible Errors 

Error code
Description
invalid_grant
The grant_type is not specified as authtooauth.
invalid_client
The client ID you specified is wrong.
(or)
The auth to Oauth mapping entry for the valid client is not made in accounts.
invalid_authtoken
The auth token you specified is wrong.
(or)
The auth token scope mismatches with the pre-shared auth scopes.
invalid_scope
The Oauth scope you specified is invalid.

Note:
  1. The maximum number of migration requests you can make is 60 per minute and 100 per hour.
  2. After the generation of an Oauth token, the system deletes the old auth token after 1 day.
  3. The maximum number of times a client can pass an invalid auth token is 20. If you exceed this limit, the system will block the client and throw the "access_denied" error message.

Migration for self-client applications

You can use this option when your application is a standalone server-side application performing a back-end job, and you do not have a domain and a redirect URL.

How it Works?

Migration for self-client applications happens in a phased manner.
  1. The external application will access the "Migration for Self-Client Applications" API with the client ID, client secret, auth token, and the required Oauth scopes.
  2. Zoho Accounts will check whether the service names of the auth token and Oauth scopes match.
  3. After scope validation, Zoho Accounts will check whether the application owner and the auth token owner are the same.
  4. If the validation is successful, Zoho Accounts will generate an Oauth token for the external application. Otherwise, the system will throw the "access_denied" error message.
  5. Zoho Accounts will send an email to the user about the client upgrade.

Request URL

Request method

POST

Parameters

Parameter
Data type
Description
client_id
string
Specify the client ID you obtained while registering your application.
client_secret
string
Specify the client secret generated from the connected application.
grant_type
string
The grant type must be authtooauth.
authtoken
string
Specify your auth token.
scope
string
Specify the Oauth scopes to access data from Zoho Campaigns. For more details about Zoho Campaign scopes, refer Access Token section of the Zoho Campaigns REST API Documentation.

Possible Errors

Error code
Description
invalid_grant
The grant_type is not specified as authtotoauth.
access_denied
The auth token you specified is already used to generate an Oauth token.
invalid_client
The client ID you specified is wrong.
invalid_authtoken
The auth token you specified is wrong.
invalid_scope
The Oauth scope you specified is invalid.

Note:
  1. The maximum number of migration requests you can make is 25 per minute and 60 per hour.
  2. After the generation of an Oauth token, the system deletes the old auth token after one day.

    • Related Articles

    • Migrating to Zoho Campaigns

      Moving to a new email marketing platform is an exciting transition that promises better growth and conversions. However, the process of migration may be a daunting task for marketers as they will have to acclimatize to the UI, features, and ...

    • Why is my Zoho Recruit-Zoho Campaigns integration not migrated to the new OAuth setup?

      This might happen due to one of the following reasons: Your ZSC key is invalid, so the migration couldn't take place. Re-integrate your account and check if you can access the syncs. You are not an admin in Zoho Campaigns. You need to change your ...

    • Can I create Zoho CRM syncs with multiple accounts of the same Zoho Campaigns organization?

      It is now possible to create syncs with multiple accounts. However, after September 30, 2022 we only permit one admin account of Zoho Campaigns organization to be integrated with Zoho CRM. This means you won't be able to create syncs with multiple ...

    • Why would I upload a list of contacts as Unsubscribed?

      There are a few scenarios where uploading a list of unsubscribed contacts can be useful:  If a user is maintaining Unsubscribed contacts in a different service If the user is migrating from a different service If the user receives a direct request ...

    • Reputation Management

      Email sending practices, subject line, content, and mailing list quality are some of the factors that define a sender's domain reputation. These factors determine whether your emails should reach recipient's, land in the spam folder, or never get ...