Identify User Location

Clients need to serve all users across multiple data centers around the globe. For every user, the client needs to figure out the user location, get an appropriate access token, and make API requests.


When you make an Authorization Request, the response has the location parameter. This value determines that users' DC.

The client makes an authorization request on behalf of the resource owner to Zoho Accounts via the user agent (usually a web browser):

Note: To receive another refresh token, include access_type=offline and prompt=consent in your authorization request.

  • URI Endpoint: https://accounts.zoho.com/oauth/v2/auth
  • HTTP Request Type: GET
  • Mandatory Parameters:
    • client_id - Obtained from registering your client at the Zoho Accounts developer console.
    • response_type - Value must be 'code'.
    • Authorized Redirect URI - The URI endpoint that Zoho Accounts will redirect the web browser to with the authorization code after authorizing the client. 

Note: Make sure the authorized redirect URI is the same as the one provided while registering your client.

  • Scope - Sample scope - "AaaServer.profile.READ"
  • Optional Parameters:
    • access_type - Value can be 'offline' or 'online'. If the value is offline, you will receive a refresh token along with an access token only the first time you make the request. You can use the access token to make API calls. Note: If you forget your refresh token or cannot access it, use the following parameter to receive a new refresh token.
    • prompt - Value must be 'consent'. If this parameter is included in the query, every time you request an access token using a refresh token, the user's consent approval will be mandatory.

  Note: To receive another refresh token, include access_type=offline and prompt=consent in your authorization request

  • Authorization Response Parameters:
    • code - A short-lived authorization token which can be exchanged for an access token at Zoho Accounts.
    • location - Determines user's domain location. Clients must make access token requests to that particular domain URI

 

Authorization Request

Copiedhttps://accounts.zoho.com/oauth/v2/auth?response_type=code&client_id=1000.GMB0YULZHJK411284S8I5GZ4CHUEX0&
scope=AaaServer.profile.Read&redirect_uri=https://www.zylker.com/oauthredirect&prompt=consent

Authorization Response

Copiedhttps://www.zylker.com/oauthredirect?code=1000.9c3a2a6a5362125efc9f7666224313b6.d44f4b5b63e71fc682cdf20c771efead&location=eu
Zoho Accounts authenticates the user and displays a consent screen for confirming authorization request. Once the end user grants the authorization request, Zoho Accounts sends an authorization grant code to the redirect URI client.