Token Persistence

Token Persistence

Token persistence refers to storing and utilizing the authentication tokens that are provided by Zoho. There are three ways provided by the SDK in which persistence can be applied. They are file persistence, DB persistence (default) and Custom persistence.

Database Persistence

In case the user prefers using database persistence, MySQL can be used. The DB persistence mechanism is the default method in PHP SDK.

  • The database name should be zohooauth.

  • There must be a table oauthtokens with columns

    • useridentifier (varchar(100))

    • accesstoken (varchar(100))

    • refreshtoken (varchar(100))

    • expirytime (bigint)


From version 2.0.7 onwards, you can provide the address of the machine in the host_address key of the configuration array. The default value is 'local host'.

File Persistence

In case of file persistence, the user can also set up persistence as a file in the local drive, he needs to set the file path in the token_persistence_path, of the $configuration array (key-value pair).

  • In case the user uses file persistence, he has to create an empty file with the file name zcrm_oauthtokens.txt.

  • The file path of the folder containing the zcrm_oauthtokens.txt file must be provided in token_persistence_path.

For example, if the file has to be under folder "TokenStorage", then


You must not include "zcrm_oauthtokens.txt" in the path.

Custom Persistence

Starting from the PHP SDK version 2, the user can have his own implementation of persistence. The user needs to provide the file path of the PHP file that implements the custom persistence, in the persistence_handler_class key of the configuration array (key-value pair).


From version 2.0.7 onwards, you can provide the name of the persistence handler class in the persistence_handler_class_name key of the configuration array.

  • The class must implement ZohoOAuthPersistenceInterface.

The user can write an implementation of the inbuilt ZohoPersistenceHandler interface, which must contain the following callback methods.

  • saveOAuthData(ZohoOAuthTokens tokens) - invoked while fetching access and refresh tokens from Zoho.

  • deleteOAuthTokens($userEmailId) - invoked before saving the newly received tokens.

  • getOAuthTokens($userEmailId) - invoked before firing a request to fetch the saved tokens. This method should return ZohoOAuthTokens object for the library to process it.

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: