Using Authentication Token
To use the API, you'll require the Authentication Token from your CRM account. The authentication token should be passed in the request header for every API request. Please make sure that you have the permission to access the API service. If you do not have permission, please contact your CRM Administrator.
To generate the Auth Token, you need to send an authentication request to the Vertical CRM Accounts using the URL format shown below. Make sure that you are a confirmed user, else while generating the Auth Token the you might receive an error - "ACCOUNT_REGISTRATION_NOT_CONFIRMED".
APPDOMAIN is the the application URL that you provide at the time of creation of your application. If you have mapped your custom domain to your application, you can still use this application URL and it will automatically be mapped to your domain. If the EMAIL_ID and PASSWORD contain special characters, then they should be encoded.
For example : If "pharmahub.zohoplatform.com" is your application's URL, the the API format will be
You will the get the required token as response as shown below.
#Wed Feb 29 03:07:33 PST 2012
Every API calls made to the application requires the authtoken passed in the request header.
Sample Code snippet for passing authtoken in request header is shown below:
DefaultHttpClient httpclient = new DefaultHttpClient();
String url = "http://localhost";
HttpPost httpPost = new HttpPost(url);
httpPost.addHeader("Authorization" , "<Generated Auth Token>");
HttpResponse response = httpclient.execute(httpPost);
HttpWebRequest req= HttpWebRequest.Create("myURL");
req.Headers.Add("Authorization", "<Generated Auth Token>");
Here's an example to fetch records:
You can delete the Auth Token generated for your account (See Generate Auth Token section), and call the below URL.
- Removing an Auth Token will delete the token permanently.
- If you regenerate the Auth Token, update your program with the new token.
Points to Remember
- The Auth Token is user-specific and is a permanent token.
- On deletion, the existing token will be deleted permanently. The new token has to be replaced in all API calls.
- The Auth Token of a user's account will become invalid if the user is deactivated.
- In case, your application requires more than the upper limit, your additional API requests will not be processed. To avoid data transfer issues, please assess your API requirements well in advance. If you need any help, please contact our Support at email@example.com