Generate Access Token and Refresh Token

OAuth2.0 requests are usually authenticated with an access token, which is passed as bearer token. To use this access token, you need to construct a normal HTTP request and include it in an Authorization header along with the value of Bearer.

To generate access and refresh token:

1. Make a POST request with the following URL. Replace {Accounts_URL} with your domain-specific Zoho accounts URL when you make the request.

   {Accounts_URL}/oauth/v2/token

   Note: For security reasons, pass the below parameters in the body of your request.

   Request Parameters

   Parameter	Description
   grant_type	Enter the value as "authorization_code".
   client_id	Specify client-id obtained from the connected app.
   client_secret	Specify client-secret obtained from the connected app.
   redirect_uri	Specify the Callback URL that you registered during the app registration.
   code	Enter the grant token generated from previous step.

2. If the request is successful, you will receive the following:

   {
   "access_token": "{access_token}",
   "refresh_token": "{refresh_token}",
   "api_domain": "{api_domain}",
   "token_type": "Bearer",
   "expires_in": 3600
   }

   Response Parameters

   Parameter	Description
   access_token	Access token to access Zoho FSM APIs
   refresh_token	Refresh token to obtain new access tokens
   expires_in_sec	Time in seconds after which the access token expires
   api_domain	Domain name of the API. Use this domain in your requests to make API calls to Zoho FSM. For US: https://fsm.zoho.com For AU: https://fsm.zoho.com.au For EU: https://fsm.zoho.eu For IN: https://fsm.zoho.in
   token_type	Type of token obtained. "Bearer" indicates this is an access token.
   expires_in	Time in milliseconds after which the access token expires

   This completes the authentication. Once your app receives the access token, send the token in your HTTP authorization header to Zoho FSM API with the value "Zoho-oauthtoken {access_token}" for each endpoint (for each request).