Extension Creation Guidelines
Now that you’ve learned about the various components of an extension, you can begin building your extension. However, it’s crucial to ensure that your extension aligns with the Zoho Expense extension guidelines. This makes it easier for your extension to be approved or to be published in Zoho Marketplace.
The guidelines that you have to follow when developing an extension are:
Common Guidelines
- Do not use any unwanted components or scripts in the extension.
- Do not use more than 5 custom fields in each module.
- Ensure that the extension name does not contain the name of the product for which it is developed. For example, if you’re developing an extension for Twilio, the extension name should be Twilio and not Twilio for Zoho Expense.
Guidelines for Connections
- If you’re using connections in your extension, enable only the scopes that are required for the connection.
- If the connection’s authentication type is OAuth2, include access_type=offline in the Authorize URL field.
- Ensure that the connection name is a combination of the service name and the extension name, separated by a hyphen in Pascal case. For example, ZohoExpense-Twilio.
- If individual users of an organization have to connect and authorize the connections used in your extension, set the value for the user access param to true.
Guidelines for Custom Scripts
- If you want to publish the extension in other Zoho Finance apps, do not use any internal SDK methods. For example, instead of using zoho.expense.getRecord, use invokeurl.
- Include api_root_endpoint in the Invoke call’s URL.
- Do not create components using scripts.
- If you’re using comments in the custom scripts, ensure that you do not add personal or sensitive information as comments.
Guidelines for Widgets
- If you’re using widgets in the extension, ensure that they adhere to the style used in the Zoho Expense user interface.
- Ensure that the widget’s data is not displayed in the console tool.
Guidelines for Global Fields
- If you’re using global fields in custom scripts, check the Allow use of Global fields in this custom function option.
- If the data type of the global field is Users or Roles, and notifications are sent to the users, set the value of the is_mandatory param to true.