Enhance scope
Use the scope enhancement request to append additional scopes to a refresh token.
Endpoint
CopiedGET {accounts-server-url}/oauth/v2/token/addextrascope Note: The accounts-server-url is specific to the location (i.e., datacenter) where your app is registered.
Query parameters
| Parameter | Description |
| client_id | required The unique ID of your application. You can find this in the API console. |
| response_type | required Should be sent with the value update_scopes. |
| redirect_uri | required The URI to which the authorization server will redirect the browser back with success or failure response. It has to be the same URI which is provided when registering the app in the API console. Should start with http:// or https://. For example: https://www.zylker.com/oauthredirect |
| scope | required The list of additional scopes for the resource you want to access from the user's account. The scopes will be displayed to the user when asking for consent. For example: ZohoCRM.settings.READ |
| enhance_token | required The scope enhancement token you've received from the previous request (step 1). |
| logout | required If you want the user's session to be terminated after they grant/reject the permission, send the value as true. |
Request example
Copiedhttps://accounts.zoho.in/oauth/v2/token/addextrascope
?response_type=update_scopes
&client_id=1000.HRLOVZ0544JSAZ14OQ1NHYHZBTL3SGR
&redirect_uri=https://zylker.com/oauthredirect
&scope=AaaServer.profile.Read,ZohoCliq.users.read,ZohoCRM.users.READ
&enhance_token=1000.e3b9859da1d36faf1e299889f6354da75.d83c513417fdfsdg514fb9ee38a6775fd50
&logout=trueResponse parameters
After authenticating the user, we will display to the user what are all the permissions your app is requesting. Once the user grants permission, the refresh token will be appended with the additional scopes and success response will be returned. If the user rejects them, failure response will be returned.
Response example
Success Response:
https://www.zylker.com/oauthredirect?status=success&scope_enhanced=true
Failure Response:
https://www.zylker.com/oauthredirect?error=access_denied