Generating Access Token and Refresh Token
OAuth2.0 requests are usually authenticated with an access token, which is passed as bearer token. To use this access token, you need to construct a normal HTTP request and include it in an Authorization header along with the value of "Bearer".
You must use your domain-specific Zoho Accounts URL to generate access and refresh tokens. The following are the various domains and their corresponding accounts URLs.
For US: https://accounts.zoho.com
For AU: https://accounts.zoho.com.au
For EU: https://accounts.zoho.eu
For IN: https://accounts.zoho.in
For CN: https://accounts.zoho.com.cn
For JP: https://accounts.zoho.jp
To generate access and refresh token:
Make a POST request with the following URL. Replace {Accounts_URL} with your domain-specific Zoho accounts URL when you make the request.
{Accounts_URL}/oauth/v2/token
Note: For security reasons, pass the below key-value pairs in the body of your request.
Request Parameters
Parameter Description grant_type Enter the value as authorization_code. client_id Client ID(consumer key) that you received after client registration. client_secret Client Secret that you received after client registration. redirect_uri Callback URL that you received after client registration. code Enter the authorization code obtained from the previous step. If the request is successful, you will receive the following response.
{ "access_token": "{access_token}", "refresh_token": "{refresh_token}", "api_domain": "https://www.zohoapis.com", "token_type": "Bearer", "expires_in": 3600 }
Response Parameters
Parameter Description access_token Access token to access the Phonebridge APIs. refresh_token Refresh token to obtain new access tokens. expires_in Time in seconds after which the access token expires. api_domain Domain name from which you have to make API calls. token_type Type of token obtained. "Bearer" indicates this is an access token.
The access token is valid only for an hour.
The refresh token does not expire.