Zoho Api Oauth v.2 | Why does it want to sign in at the User Authorization Request?

0
votes

I read it; (https://sheet.zoho.com/help/api/v2/#authorization)

enter image description here

Note: I know for a fact the URL is working. If I copy and paste it in the browser, everything is fine.

How do I get this code(Authorization) on my server side?

I'm trying this on my server (php-curl):

<?php
$uri = 'www.xxx.com/zoho_return.php';
$scope = 'ZohoSheet.dataAPI.UPDATE,ZohoSheet.dataAPI.READ';
$clientid = '1000.XXXXXXXXXXXXXXX';
$zoho_client_secret = 'XXXXXXXXXXXXXXXXXXXXX';
$accestype = 'offline';
$ch = curl_init();
$url = 'https://accounts.zoho.com/oauth/v2/auth?scope=' . 
       $scope . '&client_id=' . $clientid . '&response_type=code&access_type=' . 
       $accestype . '&redirect_uri=' . $uri . '';
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT ,0);
curl_setopt($ch, CURLOPT_TIMEOUT, 0);
$html = curl_exec($ch);
$redirectURL = curl_getinfo($ch,CURLINFO_EFFECTIVE_URL );
curl_close($ch);
echo 'redirectURL: '.$redirectURL.'<br><br>';
echo 'header: '.$html;

Response on chrome:

redirectURL: https://accounts.zoho.com/oauth/v2/auth?scope=ZohoSheet.dataAPI.UPDATE,ZohoSheet.dataAPI.READ&client_id=1000.XXXXXXXXXXXXXXX&response_type=code&access_type=online&redirect_uri=www.xxx.com/zoho_return.php

header: HTTP/1.1 302 Found Server: ZGS Date: Fri, 26 Oct 2018 22:48:43 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: a8c61fa0dc=8db261d30d9c85a68e92e4f91ec8079a; Path=/; Secure; HttpOnly X-Content-Type-Options: nosniff X-XSS-Protection: 1 Set-Cookie: iamcsr=108a1f8a-29cf-4408-bbaf-113f8c42a3d7;path=/;Secure;priority=high Pragma: no-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT X-Frame-Options: SAMEORIGIN Location: https://accounts.zoho.com/signin?servicename=AaaServer&serviceurl=%2Foauth%2Fv2%2Fauth%3Fscope%3DZohoSheet.dataAPI.UPDATE%252CZohoSheet.dataAPI.READ%26client_id%1000.XXXXXXXXXXXXXXX%26response_type%3Dcode%26access_type%3Donline%26redirect_uri%3Dhttp%253A%252F%252Fxxx.com%252Fzoho_return.php Strict-Transport-Security: max-age=15768000

1
phpapizoho

1 Answers

2
votes

Zoho CRM API v2 supports only Authorization Code Grant which works in the browser as you mentioned.

The case here is that you have to use Password Grant to get the access token directly if you have a valid credentials which is not supported by Zoho.

You need to do some research about the OAuth 2.0.

Simply the answer is "You can not get the Authorization Code from your PHP code".