OAuth Authentication
The Zoho Contracts API uses the OAuth2.0 protocol for authentication. It is an industry-standard protocol specification that enables third-party applications (clients) to gain delegated access to protected resources in Zoho via an API.
Why OAuth 2.0 is recommended?
- Clients are not required to support password authentication or store user credentials.
- Clients gain delegated access, i.e., access only to resources authenticated by the user.
- Users can revoke the client's delegated access any time.
- OAuth2.0 access tokens expire after a set time. If the client faces a security breach, only the user data will be compromised until the access token is valid.
How OAuth 2.0 works?
