GraphQL - Authorization
Zoho CRM GraphQL APIs uses OAuth 2.0 for authorization, same as that of Zoho CRM REST APIs. Refer to OAuth Overview for details.
In a single GraphQL API invocation, multiple resources can be queried. However, you need to have proper OAuth scopes to access the corresponding GraphQL resources. Each resource is associated with a particular GraphQL type and should be accessed with token having proper OAuth scope.
Required Scopes : ZohoCRM.GraphQL.READ (and) Scope of the corresponding resources
Scopes of different resources
| Resource and its type | Required Scope |
|---|---|
| {module}__Connection type | ZohoCRM.modules.{module}.READ |
| {module}__data type | ZohoCRM.modules.{module}.READ |
| Modules under the _Meta type | ZohoCRM.settings.modules.READ |
| ChildRelations under the _Meta type | ZohoCRM.settings.child_relationships.READ |
| Layouts under the _Meta type | ZohoCRM.settings.layouts.READ |
| RelatedLists under the _Meta type | ZohoCRM.settings.related_lists.READ |
| Profiles | ZohoCRM.settings.profiles.READ |
| Fields under the _Meta type | ZohoCRM.settings.fields.READ |
| CustomViews under the _Meta type | ZohoCRM.settings.custom_views.READ |
| Users | ZohoCRM.users.READ |
| Roles | ZohoCRM.settings.roles.READ |
| Widgets under the _Meta type | ZohoCRM.settings.widgets.READ |