Migration to OAuth - An Overview

All existing auth tokens will be deprecated on 28 February 2021. Hence, to keep accessing Zoho Recruit, you need to migrate to the version OAuth Authentication.


  1. Authentication
  2. Token Migration


  • Authtoken
  • Zoho OAuth


&authtoken=Auth Token

Zoho OAuth


Method: POST
Header: Authorization=Zoho-oauthtoken {access_token}

Switch to Oauth 2.0 authentication protocol. Here, the access token is passed in the header of the request. The OAuth 2.0 protocol improves security by providing access to only selected resources through Scopes.

Token Migration

The Migration APIs help you obtain access and refresh tokens from the existing auth token.
The two types of migration APIs are

  1. Migration for Redirection-based Applications

  2. Migration for Self-Client Applications

  3. Custom Functions

  • Redirection-based
  • Self-Client
  • Custom Functions

Redirection-based Apps

Use this API if your application has multiple users and you obtain their username and password to generate auth token, or if the users input their auth tokens.

  1. Before you can access this API, you must share your client ID(obtained from the developer console), auth token, auth token scopes, and the required OAuth scopes over an email to support@zohorecruit.com for validation.

Refer to Migration for Redirection-based Applications for more details.

Self-client Apps

Use this API if your application uses only one auth token.
Refer to Migration for Self-Client Applications for more details.

Custom Functions

Changing the auth token mechanism within your custom functions is easy with Connections, a type of wrapper that helps you migrate to Zoho OAuth with a few simple steps.
Refer to Custom Functions for more details.