Migration for Self-Client Applications
Purpose
To authenticate and generate access tokens by converting your existing auth tokens to OAuth.
To perform this operation, your app should be a standalone server-side application performing a back-end job. It should not have a domain or a redirect URL.
Note:
We will be deprecating support for Zoho Authtoken from December 15, 2020. If you are still using Authtoken for authentication, we recommend you migrate to OAuth 2.0 immediately. In order to migrate to OAuth 2.0, you will need Client ID and Client secret values. Refer to the OAuth 2.0 page for further details.
How does it work?
- The external application will access the "Migration for Self-Client Applications" Accounts API with the client ID, client secret, auth token, and the required OAuth scopes.
- Zoho Accounts will validate the auth token and OAuth scopes, and also verify that the auth token and client ID are owned by the same user.
- If the validation is successful, Zoho Accounts will generate the OAuth token. 24 hours after the OAuth token is created, Zoho Accounts will automatically delete the existing AuthToken.
- Once the process is complete, Zoho Accounts will send an email to the user about the client upgrade.
- In case the validation was unsuccessful, the system will throw the "access_denied" error.
Request URL
https://accounts.zoho.com/oauth/v2/token/self/authtooauth
Request Parameters
Parameter | Data Type | Description |
client_id* | String | The ID that was assigned to your app when you registered it. |
client_secret* | String | The unique hash generated from the connected application. |
grant_type* | String | The grant_type value is "authtooauth" |
authtoken* | String | The authtoken of your account. |
scope* | String | Specifies the scope allowed for your app. Multiple scopes have to be separated by commas. Syntax: Servicename.scopename.Operation. Example: ZohoMail.folders.READ, ZohoMail.folders.CREATE |
Troubleshoot
Error text | Reason |
invalid_grant | The grant_type is not specified as authtooauth. |
access_denied | The auth token you specified is already used to generate an OAuth token. |
invalid_client | The client ID you specified is wrong. |
invalid_authtoken | The authtoken you specified is wrong. |
invalid_scope | The OAuth scope you specified is invalid. |
invalid_request | You have not specified a valid soid parameter. |
Note:
You can make a maximum of 25 migration requests per minute and 60 per hour.
Sample Request
https://accounts.zoho.com/oauth/v2/token/self/authtooauth?
client_id=1000.7YHxxxxxxxxxxxxxxxxxFV
&client_secret=x5xxxxxxxxxxxxxxxxxxxxxx123
&grant_type=authtooauth
&authtoken=feexxxxxxxxxxxxxxxxxxxf59e
&scope=ZohoMail.profile.ALL
Sample Response
{
"access_token": "1000.03xxxxxxxxxxxxxxxxxa5317.dxxxxxxxxxxxxxxxxxfa",
"refresh_token": "1000.95xxxxxxxxxxxxxxxb0de.10bxxxxxxxxxxxxxxxxxx31b",
"expires_in_sec": 3600,
"token_type": "Bearer",
"expires_in": 3600000
}
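The sample request carries client_secret and authtoken in the query string, so a migration job should log only a redacted URL and should stay inside the 25 per minute / 60 per hour limit. The following is an added example, not Zoho's code, that builds the request URL, redacts it for logging, parses the response and throttles calls without sending anything over the network. The function and class names are hypothetical, and the error body shape `{"error": "<error text>"}` and the scope character set are assumptions.

```python
import json, re, time
from collections import deque
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

ENDPOINT = "https://accounts.zoho.com/oauth/v2/token/self/authtooauth"
# Servicename.scopename.Operation; the allowed character set is an assumption.
SCOPE_RE = re.compile(r"\w+\.\w+\.\w+")
SECRET_PARAMS = {"client_secret", "authtoken"}

class MigrationError(Exception):
    """Raised with the error text from the Troubleshoot table."""

def build_url(client_id, client_secret, authtoken, scopes):
    """Build the migration URL, rejecting malformed scopes before any request."""
    bad = [s for s in scopes if not SCOPE_RE.fullmatch(s)]
    if not scopes or bad:
        raise ValueError(f"invalid scope syntax: {bad}")
    return ENDPOINT + "?" + urlencode({
        "client_id": client_id, "client_secret": client_secret,
        "grant_type": "authtooauth", "authtoken": authtoken,
        "scope": ",".join(scopes)})

def redact(url):
    """Mask secret query parameters so the URL can be written to a log."""
    parts = urlsplit(url)
    query = [(k, "***" if k in SECRET_PARAMS else v) for k, v in parse_qsl(parts.query)]
    return urlunsplit(parts._replace(query=urlencode(query, safe="*")))

def parse_response(body):
    """Return the token fields, or raise MigrationError with the error text."""
    data = json.loads(body)
    if "error" in data:  # assumption: errors arrive as {"error": "<error text>"}
        raise MigrationError(data["error"])
    return {k: data[k] for k in ("access_token", "refresh_token", "expires_in_sec")}

class RateLimiter:
    LIMITS = ((60, 25), (3600, 60))  # (window in seconds, max requests), per the note

    def __init__(self):
        self.sent = deque()

    def allow(self, now=None):
        """Record and permit a request only if both windows have room."""
        now = time.monotonic() if now is None else now
        while self.sent and now - self.sent[0] >= 3600:
            self.sent.popleft()
        if any(sum(now - t < w for t in self.sent) >= n for w, n in self.LIMITS):
            return False
        self.sent.append(now)
        return True
```

Treat access_denied as final rather than retrying: per the table above, it means the auth token has already been used to generate an OAuth token.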