OAuth Scopes
Zoho People APIs use selected scopes, which control the type of resource that the client application can access. Tokens are usually created with various scopes to ensure improved security. For example, you can generate a scope to create or view a lead, or to view metadata, and so on.
Scopes contain three parameters — service name, scope name, and operation type (See example below).
The format to define a scope is
scope=service_name.scope_name.operation_type
Scope name is combination of 3 parameters:
servicename.scopename.operationtype.
Sample
Service name:
ZOHOPEOPLE
Scope name:
It may vary based on the API you are using. You can find the appropriate scope on the corresponding API sample URLs in our help documentation.
for example: If need to access forms then scopename is forms .
For timesheet data it will be timesheet
Operation types:
CREATE - you can have access to Create data.
UPDATE - can have access to update data.
READ - can able to get data.
DELETE - can able to delete data.
ALL - you can able to do all the above CURD operation.
So, the scopes will be like:
ZOHOPEOPLE.forms.ALL
ZOHOPEOPLE.timesheet.READ
For Example:
https://accounts.zoho.com/oauth/v2/auth?scope=ZOHOPEOPLE.forms.ALL
Here, ZOHOPEOPLE is the service API name, forms is the scope name, and ALL is the operation type.
Available Scopes
| Scope Name | Associated Operation Types | Description |
| employee | employee.ALL | Grants permission to employee related operations |
| forms | forms.ALL forms.CREATE forms.READ forms.UPDATE | Grants permission to form related operations |
| dashboard | dashboard.ALL | Grants permission to dashboard related operations |
| automation | automation.ALL | Grants permission to automation related operations |
| timetracker | timetracker.ALL | Grants permission to timetracker related operations |
| attendance | attendance.ALL | Grants permission to attendance related operations |
| leave | leave.ALL leave.READ leave.CREATE leave.UPDATE | Grants permission to leave related operations |