Migration to v2.0 - An Overview

The v1 APIs were deprecated on 31 December, 2018 and will reach their end-of-life (EOL) on 31 December, 2019. Hence, to keep accessing Zoho CRM, you need to migrate to the version 2 APIs.

Why API v2 is Better?

  1. Increased API credit limits - Maximum of 2,000,000 credits for the Ultimate edition of Zoho CRM, whereas v1 API has a maximum limit of 25,000 credits for the Enterprise edition

  2. Easy Parsing - Simple JSON format for input and response

  3. Improved Security - Supports OAuth 2.0 authentication protocol

  4. API names - Instead of display labels

  5. Notification APIs - Instant push notification on data changes

  6. Bulk APIs - Fetch up to 200,000 records or insert up to 25,000 records in one shot

  7. SDKs - Support for Server Side, Mobile, and Javascript SDKs

Migration checklist for developers

  1. Check whether you need to migrate your user's access tokens or re-authenticate with a new permission.

  2. Familiarize yourself with the new v2 syntax. v2 APIs accept only JSON input.

  3. Familiarize yourself with the changes in field attributes and field formats as mentioned in Differences - v1 and v2.

  4. Take a look at the API methods available in v1 and how different they are in v2 here.

  5. Update the error handling in your app to utilize v2 errors with proper status codes.

  6. Take a look at the Integration tasks and how to use them in your deluge script for v2 APIs here.

Following are the areas you need to look at to migrate from v1 and v2. Each of these sections explains the differences between the two versions in detail.

  1. Authentication
  2. Base URL
  3. Input format and API Names
  4. API Responses
  5. Integration Tasks
  6. Throttling
  7. Token Migration

Authentication

  • v1
  • v2
 

v1

https://crm.zoho.com/crm/private/xml/Leads/insertRecords?
newFormat=1
&authtoken=Auth Token
&scope=crmapi
&xmlData=<data>

v1 APIs use the auth token for authentication. This auth token is passed a parameter in the input.

v2

URL: https://www.zohoapis.com/crm/v2/Leads
Method: GET
Header: Authorization=Zoho-oauthtoken {access_token}

v2 APIs use Oauth 2.0 protocol for authentication. Here, the access token is passed in the header of the request. The OAuth 2.0 protocol improves security by providing access to only selected resources through Scopes.

Base URL

  • v1
  • v2
 

v1

https://crm.zoho.com/crm/private/xml/Leads/getRecords?authtoken=AuthToken&scope=crmapi

Here, https://crm.zoho.com/crm/private/ is the base url.

v2

URL: https://www.zohoapis.com/crm/v2/Leads
Method: GET
Header: Authorization=Zoho-oauthtoken {oauth_token}

Here, https://www.zohoapis.com/crm/v2/ is the domain-specific base url for the US data center. Refer to Multi DC for more details about the domain-specific API URLs.

Input Format and API Names

  • v1
  • v2
 

v1

curl -X POST
'https://crm.zoho.com/crm/private/xml/Leads/insertRecords?newFormat=1&authtoken=***'
-d 'xmlData=<Leads><row no="1"><FL val="Lead Source">Web Download</FL><FL val="Company">Your Company</FL><FL val="First Name">Hannah</FL><FL val="Last Name">Smith</FL></row></Leads>'
  1. v1 APIs use field labels in their requests. In the create records example shown above, Lead Source, Company, First Name, and Last Name are the field labels in the Leads module.

  2. v1 APIs accept input only in xml format.

Refer to API methods for more details about the differences in API methods in v1 and v2.

v2

curl "https://www.zohoapis.com/crm/v2/Leads"
-H "Authorization: Zoho-oauthtoken 1000.8cb99dxxxxxxxxxxxxx9be93.9b8xxxxxxxxxxxxxxxf"
-d "@newlead.json"
-X POST{
"data": [
    {
        "Company": "Zylker",
        "Last_Name": "Daly",
        "First_Name": "Paul",
        "Email": "p.daly@zylker.com",
        "Lead_Source": "Chat"
    }]}
  1. All v2 APIs use API Names instead of field labels. In the create record example shown above, Company, Last_Name, First_Name, and Lead_Source are the field API names in the Leads module.

  2. v2 APIs accept only JSON as the input.

Refer to API methods for more details about the differences in API methods in v1 and v2.

API Responses

  • v1
  • v2
 

v1

<?xml version="1.0" encoding="UTF-8" ?>
<response uri="/crm/internal/xml/Leads/insertRecords">
 <result>
 <message>Record(s) added successfully</message>
 <recorddetail>
 <FL val="Id">525508000003633001</FL>
 <FL val="Created Time">2019-06-27 19:00:08</FL>
 <FL val="Modified Time">2019-06-27 19:00:08</FL>
 <FL val="Created By">
 <![CDATA[Patricia Boyle]]>
 </FL>
 <FL val="Modified By">
 <![CDATA[Patricia Boyle]]>
 </FL>
 </recorddetail>
 </result>
  1. v1 APIs return the response in either xml, JSON, or CSV format, and the required format is specified in the request URL as "https://crm.zoho.com/crm/private/xml/Leads/insertRecords..."

  2. The example shown here is the response to a create record request.

v2

{
"data": [
  {
    "code": "SUCCESS",
    "details": {
      "Modified_Time": "2019-05-02T11:17:33+05:30",
      "Modified_By": {
        "name": "Patricia Boyle",
        "id": "554023000000235011"
      },
      "Created_Time": "2019-05-02T11:17:33+05:30",
      "id": "554023000000527002",
      "Created_By": {
        "name": "Patricia Boyle",
        "id": "554023000000235011"
      }
    },
    "message": "record added",
    "status": "success"
  }
  1. All v2 API responses are in the JSON format, and the response contains keys that are API names of the respective module.

  2. v2 APIs return responses only in JSON or CSV formats.

Refer to API methods for more details about the differences in API methods in v1 and v2.

Integration Tasks

  • v1
  • v2
 

v1

  1. The syntax for v1 integration tasks contains "v1" after the service name.

  2. They use the "yyyy-mm-dd hh:mm:ss" time and date format.

  3. You can only trigger workflow rules via integration tasks.

  4. Updating multi-select lookup fields accept the values only in a string.

For more details, refer to Integration Tasks - Migration to v2.

v2

  1. The syntax for v2 integration tasks does not contain the version number in the syntax.

  2. They use the ISO time and date format.

  3. You can trigger workflow, blueprint, and approval rules via integration tasks.

  4. Updating multi-select lookup fields accept the values in a list.

For more details, refer to Integration Tasks - Migration to v2.

Throttling

  • v1
  • v2
 

v1

  1. The API limit for the Enterprise edition of v1 APIs is 25000 requests/day/organization or 500 requests per user license whichever is lower.

  2. PST time zone is considered to calculate the limits and the requests are reset at 00:00 AM PST.

Refer to API Limits for more details.

v2

  1. V2 APIs use a credit system and a concurrency limit to calculate the edition-based API limits. These limits have a 24-hour rolling window from the start of the call.

  2. Depending on the CRM edition, credits are deducted from your total credits based on the type of API call you make.

  3. v2 APIs also use concurrency and sub-concurrency limits to limit the maximum number of simultaneously active calls per app in any given instant.

  4. The v2 API limit for the Enterprise edition is 1,000,000 credits and 2,000,000 credits for the Ultimate edition.

  5. The API call limit has a 24-hour rolling window, from the start of the call.

  6. V2 APIs also use credits based on concurrency

Refer to API Limits for more details.

Token Migration

 

The Migration APIs help you obtain access and refresh tokens from the existing auth token.
The two types of migration APIs are

  1. Migration for Redirection-based Applications

  2. Migration for Self-Client Applications

  • For Redirection-based Apps
  • For Self-Client
 

Redirection-based Apps

Use this API if your application has multiple users and you obtain their username and password to generate auth token, or if the users input their auth tokens.

Prerequisite:

  1. Before you can access this API, you must share your client ID(obtained from the developer console), auth token, auth token scopes, and the required OAuth scopes over an email to support@zohocrm.com for validation.

Refer to Migration for Redirection-based Applications for more details.

Self-client Apps

Use this API if your application uses only one auth token.
Refer to Migration for Self-Client Applications for more details.