Zoho CRM
Authentication & Authorization
Credentials
- Zoho CRM connects via OAuth 2.0 with Authorization Code Grant Flow.
- Client ID and Client Secret credentials can be obtained through the Zoho CRM account (see Zoho CRM Connection Instructions).
- DataGrail uses the Refresh Token Flow to periodically obtain a new Access Token after the current one expires, keeping the connection alive.
- Publicly exposing your API credentials can allow a third party unauthorized access to the Zoho CRM API endpoints and your Zoho CRM data. DataGrail stores your API credentials encrypted and protected.
Scopes
The Zoho CRM API requires specific scopes, which you must approve, to grant DataGrail read and write access to the objects necessary to complete access and deletion requests:
ZohoCRM.users.ALL
ZohoCRM.org.ALL
ZohoCRM.modules.ALL
Accounts URL
Zoho supports domain-specific Zoho Accounts URLs for generating access and refresh tokens.
The current list of the various domains and their corresponding Accounts URLs can be found here.
The Zoho Accounts URL should be defined when connecting the DataGrail integration (see Zoho CRM Connection Instructions).
Base URL
Base URL consists of the API URL and API version:
{API URL}/crm/{API_VERSION}
The API URL is returned in the response to the get access token request.
Example of Base URL:
https://www.zohoapis.com/crm/v2/
Endpoints Utilized
- Request authorization:
GET {Accounts_URL}/oauth/v2/auth
- Get and refresh access token:
POST {Accounts_URL}/oauth/v2/token
- Verify connection and access to the requested scopes:
GET {BASE_URL}/contacts
Version
DataGrail Zoho CRM integration currently supports version 2 (v2).
Limits
API calls in Zoho CRM are associated with credits. The credits are deducted from your credit count, based on the type of the API call that you make. Credit deduction is based upon the intensiveness of the performance, and the memory usage of the operations involved in the API calls.
In addition to the above credit system, Zoho CRM also uses a Concurrency system, to calculate API Limits based on the number of concurrent calls made per org per app in Zoho CRM. These concurrency limits specify the maximum number of API calls that can be simultaneously active at a given point of time per org per app.
- DataGrail supports request throttling to stay within 70-80% of the specified rate limits for Zoho CRM Starter Edition.
- DataGrail handles API responses with HTTP 429 status by interrupting requests, waiting, and retrying (using an exponential backoff strategy).
Access
For an access request, DataGrail will take the following actions:
- Fetch contacts, leads and cases via Get Records API.
- Filter contacts, leads and cases by the Data Subject email.
- For all found contacts:
  - Fetch activities, calls, quotes, invoices, purchase_orders, sales_orders and tasks via Get Records API.
  - Filter objects by the Data Subject email.
- For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.
Endpoints Utilized
GET {BASE_URL}/contacts
GET {BASE_URL}/leads
GET {BASE_URL}/cases
GET {BASE_URL}/activities
GET {BASE_URL}/calls
GET {BASE_URL}/quotes
GET {BASE_URL}/invoices
GET {BASE_URL}/purchase_orders
GET {BASE_URL}/sales_orders
GET {BASE_URL}/tasks
DataGrail also supports the Direct Contact Access workflow for Zoho CRM.
Deletion
For a deletion request, DataGrail will take the following actions:
- Run the access flow described above.
- Delete the records via Delete Records API if they are:
  - In the list of deletable records: contacts, leads, cases, calls, quotes, tasks, invoices.
  - Selected by the customer to delete.
Endpoints Utilized
GET {BASE_URL}/contacts
GET {BASE_URL}/leads
GET {BASE_URL}/cases
GET {BASE_URL}/calls
GET {BASE_URL}/quotes
GET {BASE_URL}/invoices
GET {BASE_URL}/tasks
DELETE {BASE_URL}/contacts/{id}
DELETE {BASE_URL}/leads/{id}
DELETE {BASE_URL}/cases/{id}
DELETE {BASE_URL}/calls/{id}
DELETE {BASE_URL}/quotes/{id}
DELETE {BASE_URL}/invoices/{id}
DELETE {BASE_URL}/tasks/{id}
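The deletion gating described above, sketched as an added example (not DataGrail's own code): a record yields a DELETE call only if it matched the Data Subject email, its module is in the deletable list, and the customer selected it. The `Email` field name, the function names, and the sample records are assumptions constructed for illustration.

```python
from urllib.parse import quote

# Deletable modules as listed on this page; other fetched types
# (activities, purchase_orders, sales_orders) must never produce a DELETE.
DELETABLE = frozenset({"contacts", "leads", "cases", "calls", "quotes", "tasks", "invoices"})

def base_url(api_url: str, api_version: str = "v2") -> str:
    """Build {API URL}/crm/{API_VERSION}; refuse non-HTTPS API URLs."""
    if not api_url.startswith("https://"):
        raise ValueError("API URL must use https")
    return f"{api_url.rstrip('/')}/crm/{api_version}"

def matches_subject(record: dict, subject_email: str) -> bool:
    """Exact, case-insensitive match on the Email field (assumed field name).
    Substring matching would also hit look-alike addresses."""
    email = record.get("Email")
    return isinstance(email, str) and email.strip().lower() == subject_email.strip().lower()

def plan_deletions(base: str, found: dict, subject_email: str, selected: set) -> list:
    """Return the DELETE calls for records that pass all three gates."""
    plan = []
    for module, records in sorted(found.items()):
        if module not in DELETABLE:
            continue  # gate 1: module must be in the deletable list
        for rec in records:
            rec_id = str(rec.get("id", ""))
            if not rec_id or not matches_subject(rec, subject_email):
                continue  # gate 2: record must belong to the data subject
            if (module, rec_id) not in selected:
                continue  # gate 3: customer must have selected it
            # Percent-encode the id so it cannot alter the request path.
            plan.append(f"DELETE {base}/{module}/{quote(rec_id, safe='')}")
    return plan

# Constructed sample data (not real Zoho CRM output).
FOUND = {
    "contacts": [{"id": "1001", "Email": "Pat@Example.com"},
                 {"id": "1002", "Email": "pat@example.com.other.test"}],
    "leads": [{"id": "2001", "Email": "pat@example.com"}],
    "sales_orders": [{"id": "3001", "Email": "pat@example.com"}],
}
SELECTED = {("contacts", "1001"), ("contacts", "1002"), ("sales_orders", "3001")}

if __name__ == "__main__":
    base = base_url("https://www.zohoapis.com")
    for call in plan_deletions(base, FOUND, "pat@example.com", SELECTED):
        print(call)
```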
DataGrail also supports the Direct Contact Deletion workflow for Zoho CRM.
Disclaimer: The information contained in this message does not constitute legal advice. We would advise seeking professional counsel before acting on or interpreting any material.