Site Home  »  Zoho CRM API »  For Existing API Users

For Existing API Users

Tags:  

Using API Key/Ticket? Download this API Guide.


Read about the CRM Authentication Token in our Developer API Forum.


If you are an existing Developer API user and you are using the API Ticket and API Key in all your API calls, it is recommended that you replace the URLs with the CRM Authentication Token. Click here to learn about the Authentication Token.

We will not be supporting the API Key and API Ticket after June 30, 2012.

How do I benefit from using the Auth Token?

The Auth Token is permanent and unlike the API Ticket, you DO NOT have to generate a new token every 7 days.

How do I replace the API Key and Ticket with the Authentication Token?

The format for generating the Authentication Token is: 

https://accounts.zoho.com/apiauthtoken/nb/create?SCOPE=ZohoCRM/crmapi&EMAIL_ID=Zoho CRM Username or Email ID&PASSWORD=Your Zoho CRM Password

So, the API call to fetch all leads from the Leads module will be:

https:// crm.zoho.com/crm/private/xml/Leads/getCVRecords?newFormat=1&authtoken=7d987676893g4j09h43dd0b167dda34b&scope=crmapi&cvName=All Open Leads

API Limit

Zoho CRM EditionAPI Requests - Upper Limit
Free Edition
(3 users free)		Total 250 Requests / day / organization
Professional Edition
(USD 12 / user /month)		250 Requests /day /user license OR
5,000 Requests /day /organization, whichever is lower
Enterprise Edition
(USD 25 / user /month)

250 Requests /day /user license OR
15,000 Requests /day /organization, whichever is lower



For instance, in the Free Edition, if you use the getRecords method, you can fetch a maximum of 200 records per request, in turn, a total of 50,000 records per day (250 x 200 = 50,000 records).

Important:  If you use the getSearchRecords or getCVRecords methods, you can send a maximum of 250 Requests per day irrespective of your Zoho CRM edition. 



To Generate API Key (only for Existing API Users)

  1. Log in to Zoho CRM with Administrator's privilege.
  2. Go to Setup > Developer Space > CRM API Key
  3. You will find a section like this: 
    If you are still using CRM API Key for Authentication, Click here.
  4. Clicking the link will display the API Key.

To Generate Ticket  (only for Existing API Users)

While initiating API request, you must pass the ticket parameter (encrypted alphanumeric string) to authenticate the user credentials with Zoho. To generate a ticket for a particular user, you need to send an authenticated HTTPS POST request over a secured connection to Zoho Accounts.

Sample form POST format with supported parameters:

<form method="POST" action="https://accounts.zoho.com/login" target="_self">
<input type="hidden" name="LOGIN_ID" value="[ZOHO Username or Email ID]">
<input type="hidden" name="PASSWORD" value="[Password for ZOHO ID]">
<input type="hidden" name="FROM_AGENT" value="true">
<input type="hidden" name="servicename" value="ZohoCRM">
<input type="submit" value="Generate Ticket" class="divbutton" name="submit">
</form>


The mandatory parameters along with their values to be passed in the URL are:

 
Parameter Type Description
servicename ZohoCRM Specify the service name is ZohoCRM
FROM_AGENT Boolean True
LOGIN_ID String User's Zoho ID or Email Address
PASSWORD String Password for the Zoho ID


Depending on the parameters passed over to the requested URL, you will get a response in the format given below:


Parameter Type Description
Comment String Ticket generated date & time
GETUSERNAME

WARNING String If the parameters passed in the URL are incorrect, the user will get a warning message stating the same otherwise the value will be null.
PASS_EXPIRY
 Integer
 Displays duration of the password expiry. You will get the value as -1, if the password expiry is not set for your Zoho account.
TICKET String Ticket generated for the request (32 characters)
RESULT Boolean Value is TRUE if the ticket is generated successfully, else it is FALSE.


Example 1: Successful Ticket Generation Pattern

# #Thu Apr 01 20:29:06 PDT 2010
GETUSERNAME=null
WARNING=null
PASS_EXPIRY=-1
TICKET=5767ef44382712202e432d57da576b34
RESULT=TRUE

Example 2: Failure Ticket Generation Pattern

# #Thu Apr 01 20:34:34 PDT 2010
CAUSE=Username and Password do not match
RESULT=FALSE

 

Important Notes:

  • Your API ticket is valid for 7 days. After 7th day, you must generate a new ticket to work with Zoho CRM - API service. If you are not updating the application with a new ticket ID, you will receive 4834 - Invalid Ticket ID error response from API request.
  • You are strongly recommended not to generate API ticket for every API request. You can use the same ticket in your application for 7 days without any issues.
  • You can have only a maximum of 20 active sessions.  ( Note: A session is created every time a ticket is generated, and this session will be valid for a period of 7 days. )

If you have more than 20 active sessions, you will get a response like this:

CAUSE=Maximum Concurrent User Tickets Limit Exceeded
RESULT=FALSE

You can follow any of the following measures to avoid crossing the concurrent API sessions limit.

Reuse the API ticket: An API ticket once generated can be used for a period of 7 days. You have to generate a new ticket only after 7 days.

Logout: Clear/Logout the ticket after you have completed the operation.

An HTTPS POST request to clear/logout api ticket will look like this:

<form method="POST" action="https://accounts.zoho.com/logout" target="_self">
<input type="hidden" name="ticket" value="<ticket_value>">
<input type="hidden" name="FROM_AGENT" value="true">
</form>

Close Sessions: Go to https://accounts.zoho.com/ > Click Active Sessions > Click Close all other sessions.


Test Program

Here's a sample program to regenerate the API ticket after it becomes invalid.

Program

Related Topics

Release Notes | API Methods | Deprecated Methods
Examples | Error MessagesSubmit Apps | FAQ | Developer Forum


tk.ees 484 - days ago 
If you login via google seems you'll need to go into MyZoho and "change" your password so you HAVE a password.
prezentacje 208 - days ago 
what for do I need to generate API Ticket? iif I have to use API key in each method??
I thought that generating Ticket prevents for overusing API Key which should be used not so often.
halakuh 162 - days ago 
I have the same issue. We are forced to regenerate the API ticket every seven days? This seems like a lot of unnecessary work. The sample app to regenerate the API ticket is a Java app. We do not use Java and prefer to work in HTML/Javascript.. Plus the same app looks long and unnecessarily complex?


Is there not an easier way to simply regenerate the API ticket? Or have a permanent ticket.

Many people are doing long term integrations which will last much longer than 7 days. So it is a very unreasonable limitation with no easy workaround than writing java code!


Please help!
reevesie 125 - days ago 
I agree with halakuh.... doesn't seem like it's been practically thought through
eureka125 113 - days ago 
I also agree. This rotating ticket is absurd and just adds unwanted complexities to the API. Either require a login each time the API is accessed or a static ticket. Having a session that lasts for 7 days is ridiculous. I hope you change this soon or you will be losing clients to other CRM systems.
maheshkumar 112 - days ago 
Hi,

We can understand your difficulties in the generation of API ticket and its expiry in 7days. We are working on the permanent ticket concept. It is in the last stage of development phase. It will be updated soon.

Please bear with us.

Regards,
Mahesh.
Zoho CRM.
sanjmeh 74 - days ago 
I saw this post (updated 38 days back by Maheshkumar). What I understand here is we can use the API key only for 7 days and then generate another one which means our mailchimp integration will work for only 7 days. Are we on track to increase this limit? And why do we have a limit in first place?



 RSS of this page