Zoho is moving on from authtoken to the more secure OAuth connections. What this means for your security is stricter access to your data through the Zoho API, with clear visibility on who is connecting to what, in an easy to use, standardized way. You can read the official Zoho word here for a more specific definition.
What this means for Zoho power users is that it is time to update your existing authtoken connections, workflows and scripts. If you have created your own self-hosted or web-based application, Zoho has created a form for you to contact their support team for migration.
If you are working within the Zoho ecosystem with custom scripts or functions, then it is just a matter of making some changes to your existing calls.
3 Steps to Setting Up OAuth in Zoho to Replace Authtokens
Step 1. Setup a Connection
This is the base for OAuth control and will allow you to choose what applications you can connect to and what information, or functions, they are allowed to share. Keep in mind that you will need one connection for every app you want to connect, this could mean a Zoho Books connection if you want to get payment details, or aZoho Inventory connection if you want to create a Sales Order.
Learn more about connections from the Zoho Knowledge Base.
- Click the Setup icon (gear) in the top bar.
- Click Connections under the Developer Space menu.
- You will land on the My Connections page, which will list the connections created by you.
- Click the Create Connection button in the top right corner of the page.
- On the Create Connection page, pick a service type.
- Enter the Connection Name and the Connection LinkName you intend to have.
- Select the Scope if required, depending on the application’s prerequisites.
- Click Create and Connect.
- A summary page displaying the Link Name, Service Name, and Status of the Connection is shown.
Step 2: Remove Authtoken Parameters
- Remove the authtoken parameters in the existing function code.
Step 3: Add Your OAuth Connection Name
- Add the new “connection” parameter in the invokeurl method with the value of the Connection LinkName. This can be found in Step 1 when setting up the connection, but should look something like this: “books_connection”
And that’s it! Once you save your script/function you are up to date and ready to take advantage of the new OAuth connection.