CRM Help

The Version 1.0 Zoho CRM APIs were deprecated on Dec 31, 2018, and will reach their end-of-life(EOL) on Jan 31, 2020, for the Professional and above editions. The EOL for the Free and Standard/Starter editions is Jan 15, 2020. We strongly recommend you migrate to the new and improved API 2.0.

Using Authentication Token

The Zoho CRM API is available in all editions of Zoho CRM. To use the API, you'll require the Zoho CRM Authentication Token from your CRM account. Please make sure that you have the permission to access the API service. If you do not have permission, please contact your CRM administrator.

Generate Auth Token

To generate the Auth Token, you need to send an authentication request to Zoho Accounts using the URL format below. Make sure that you are a confirmed user, else while generating the Auth Token the you might receive an error - "ACCOUNT_REGISTRATION_NOT_CONFIRMED".

URL Format

API Mode:

To generate Auth Token in API mode, do the following:

  1. Log in to Zoho CRM.
  2. Open .
  3. In the Zoho Accounts Home page, click Two Factor Authentication.
  4. In the Two Factor Authentication page, click on the Manage Application Specific Passwords.
  5. In the Application Specific Passwords pop-up, do the following:
    1. Enter the Device or App Name
    2. Enter the current password
    3. Click Generate. You will receive the new application-specific password with spaces.
  6. Remove the spaces in password and include in the following API mode URL to generate the Auth Token.[Username/EmailID]&PASSWORD=[Password]&DISPLAY_NAME=[ApplicationName]


  • Use HTTP POST method to make the request.

Parameters to be passed along with this URL are:

EMAIL_IDSpecify your Zoho CRM Username or Email ID
scopeSpecify the value as ZohoCRM/crmapi
PASSWORDSpecify your Zoho CRM Password
DISPLAY_NAMESpecify the Application Name that describes the purpose of using this AuthToken. For example, "MailChimp" or "Google Apps"

For more information, please refer Two factor Authentication help  page.

Sample Response

#Wed Feb 29 03:07:33 PST 2012


  • The Auth Token can be used in all your API calls. You can also see the URL format under Setup > Developer Space > APIs.
  • You need to be logged into your CRM account to use the Browser Mode.


Here's an example to fetch records:

Revoking Auth Tokens

You can delete the Auth Token generated for your account from the 'My Zoho Account' Page.

  1. Log in to Zoho CRM
  2. Open [Username] > My Account
  3. In your Accounts page, click Active Authtokens.
  4. In the Active Authtokens page, you can Remove(revoke) Auth Tokens.


  • For Security purposes, you would not be able to view the existing Auth Tokens. Please save the Auth Token as and when it is generated.
  • Removing an Auth Token will delete the token permanently.
  • If you regenerate Auth Token, update your program with the new token.

Points to Remember

  • The Auth Token is user-specific and is a permanent token.
  • On deletion, the existing token will be deleted permanently. The new token has to be replaced in all API calls.
  • The Auth Token of a user's account will become invalid if the user is deactivated.
  • We notify CRM users (Users who generated the Auth Token) if your organization exceeds the API limit.
  • In case, your application requires more than the upper limit, your additional API requests will not be processed. To avoid data transfer issues, please assess your API requirements well in advance. If you need any help, please contact our Support at

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: