Upload an Attachment
Purpose
To attach a file to a record. You must include the attachment in the request with content type as multipart/form data.
Request Details
Request URL
{api-domain}/crm/v2/{module_api_name}/{record_id}/Attachments
Supported modules
Leads, Accounts, Contacts, Deals, Campaigns, Tasks, Cases, Events, Solutions, Products, Vendors, Price Books, Quotes, Sales Orders, Purchase Orders, Invoices, Custom, and Notes
Header
Authorization: Zoho-oauthtoken 100xx.d92d4xxxxxxxxxxxxx15f52
Scope
scope=ZohoCRM.modules.ALL
(or)
scope=ZohoCRM.modules.{module_name}.{operation_type}
(and)
scope=ZohoCRM.modules.attachments.{operation_type}
Possible module names
leads, accounts, contacts, deals, campaigns, tasks, cases, events, solutions, products, vendors, pricebooks, quotes, salesorders, purchaseorders, invoices, custom, notes
Possible operation types
ALL - Full access to attachments
WRITE - Edit attachment data
CREATE - Create attachment data
Parameters
- filefile, mandatory
Choose the attachment you want to upload.
Maximum allowed file size: 100 MB
Allowed file types: All the file types except .exe
Sample Request
Copiedcurl "https://zylkercorp.zohoplatform.com/crm/v2/Leads/1000000231009/Attachments"
-X POST
-H "Authorization: Zoho-oauthtoken 100xx.8cb99dxxxxxxxxxxxxx9be93.9b8xxxxxxxxxxxxxxxf"
-F "file=@attachment1.txt" (to upload file)
(or)
-F "attachmentUrl=https://www.zohocorp.com" (to upload link)1.0.0ES6
Copied//Get instance of AttachmentsOperations Class that takes recordId and moduleAPIName as parameter
let attachmentsOperations = new ZCRM.Attachment.Operations(moduleAPIName, recordId);
//Get instance of FileBodyWrapper class that will contain the request file
let fileBodyWrapper = new ZCRM.Attachment.Model.FileBodyWrapper();
/** StreamWrapper can be initialized in any of the following ways */
var filesToLoad = document.getElementById("attachment").files;
var file = filesToLoad[0];
/**
* param 1 -> fileName
* param 2 -> Read Stream
*/
let streamWrapper = new StreamWrapper.Model.StreamWrapper(null, file);
//Set file to the FileBodyWrapper instance
fileBodyWrapper.setFile(streamWrapper);
//Call uploadAttachment method that takes FileBodyWrapper instance as parameter
let response = await attachmentsOperations.uploadAttachment(fileBodyWrapper);Copiedvar listener = 0;
class UploadanAttachment {
async uploadAttachment() {
var url = "https://zylkercorp.zohoplatform.com/crm/v2/Leads/34770617711001/Attachments"
var parameters = new Map()
var headers = new Map()
var token = {
clientId:"1000.NPY9M1V0XXXXXXXXXXXXXXXXXXXF7H",
redirectUrl:"http://127.0.0.1:5500/redirect.html",
scope:"ZohoCRM.users.ALL,ZohoCRM.bulk.read,ZohoCRM.modules.ALL,ZohoCRM.settings.ALL,Aaaserver.profile.Read,ZohoCRM.org.ALL,profile.userphoto.READ,ZohoFiles.files.ALL,ZohoCRM.bulk.ALL,ZohoCRM.settings.variable_groups.ALL"
}
var accesstoken = await new UploadanAttachment().getToken(token)
headers.set("Authorization", "Zoho-oauthtoken " + accesstoken)
var filesToLoad = document.getElementById("attachment").files;
var file = filesToLoad[0];
var requestMethod = "POST"
var formDataRequestBody = new FormData();
formDataRequestBody.append("file", new Blob([file]),file.name);
var reqBody = formDataRequestBody
var params = "";
parameters.forEach(function(value, key) {
if (parameters.has(key)) {
if (params) {
params = params + key + '=' + value + '&';
}
else {
params = key + '=' + value + '&';
}
}
});
var apiHeaders = {};
if(headers) {
headers.forEach(function(value, key) {
apiHeaders[key] = value;
});
}
if (params.length > 0){
url = url + '?' + params.substring(0, params.length - 1);
}
var requestObj = {
uri : url,
method : requestMethod,
headers : apiHeaders,
body :reqBody,
encoding: "utf8",
allowGetBody : true,
throwHttpErrors : false
};
var result = await new UploadanAttachment().makeAPICall(requestObj);
console.log(result.status)
console.log(result.response)
}
async getToken(token) {
if(listener == 0) {
window.addEventListener("storage", function(reponse) {
if(reponse.key === "access_token" && (reponse.oldValue != reponse.newValue || reponse.oldValue == null)){
location.reload();
}
if(reponse.key === "access_token"){
sessionStorage.removeItem("__auth_process");
}
}, false);
listener = 1;
if(sessionStorage.getItem("__auth_process")) {
sessionStorage.removeItem("__auth_process");
}
}
["granted_for_session", "access_token","expires_in","expires_in_sec","location","api_domain","state","__token_init","__auth_process"].forEach(function (k) {
var isKeyExists = localStorage.hasOwnProperty(k);
if(isKeyExists) {
sessionStorage.setItem(k, localStorage[k]);
}
localStorage.removeItem(k);
});
var valueInStore = sessionStorage.getItem("access_token");
var tokenInit = sessionStorage.getItem("__token_init");
if(tokenInit != null && valueInStore != null && Date.now() >= parseInt(tokenInit) + 59 * 60 * 1000){ // check after 59th minute
valueInStore = null;
sessionStorage.removeItem("access_token");
}
var auth_process = sessionStorage.getItem("__auth_process");
if ((valueInStore == null && auth_process == null) || (valueInStore == 'undefined' && (auth_process == null || auth_process == "true"))) {
var accountsUrl = "https://zylkercorp.zohoplatform.com/oauth/v2/auth"
var clientId;
var scope;
var redirectUrl;
if(token != null) {
clientId = token.clientId;
scope = token.scope;
redirectUrl = token.redirectUrl;
}
var fullGrant = sessionStorage.getItem("full_grant");
var grantedForSession = sessionStorage.getItem("granted_for_session");
if(sessionStorage.getItem("__token_init") != null && ((fullGrant != null && "true" == full_grant) || (grantedForSession != null && "true" == grantedForSession))) {
accountsUrl += '/refresh';
}
if (clientId && scope) {
sessionStorage.setItem("__token_init", Date.now());
sessionStorage.removeItem("access_token");
sessionStorage.setItem("__auth_process", "true");
window.open(accountsUrl + "?" + "scope" + "=" + scope + "&"+ "client_id" +"=" + clientId + "&response_type=token&state=zohocrmclient&redirect_uri=" + redirectUrl);
["granted_for_session", "access_token","expires_in","expires_in_sec","location","api_domain","state","__token_init","__auth_process"].forEach(function (k) {
var isKeyExists = localStorage.hasOwnProperty(k);
if(isKeyExists){
sessionStorage.setItem(k, localStorage[k]);
}
localStorage.removeItem(k);
});
valueInStore = sessionStorage.getItem("access_token");
}
}
if(token != null && valueInStore != 'undefined'){
token.accessToken = valueInStore;
}
return token.accessToken;
}
async makeAPICall(requestDetails) {
return new Promise(function (resolve, reject) {
var body, xhr, i;
body = requestDetails.body || null;
xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.open(requestDetails.method, requestDetails.uri, true);
for (i in requestDetails.headers) {
xhr.setRequestHeader(i, requestDetails.headers[i]);
}
xhr.send(body);
xhr.onreadystatechange = function() {
if(xhr.readyState == 4) {
resolve(xhr);
}
}
})
}
}1.0.0ES6
Copied//Get instance of AttachmentsOperations Class that takes recordId and moduleAPIName as parameter
let attachmentsOperations = new ZCRM.Attachment.Operations(moduleAPIName, recordId);
//Get instance of FileBodyWrapper class that will contain the request file
let fileBodyWrapper = new ZCRM.Attachment.Model.FileBodyWrapper();
/** StreamWrapper can be initialized in any of the following ways */
var filesToLoad = document.getElementById("attachment").files;
var file = filesToLoad[0];
/**
* param 1 -> fileName
* param 2 -> Read Stream
*/
let streamWrapper = new StreamWrapper.Model.StreamWrapper(null, file);
//Set file to the FileBodyWrapper instance
fileBodyWrapper.setFile(streamWrapper);
//Call uploadAttachment method that takes FileBodyWrapper instance as parameter
let response = await attachmentsOperations.uploadAttachment(fileBodyWrapper);Copiedvar listener = 0;
class UploadanAttachment {
async uploadAttachment() {
var url = "https://zylkercorp.zohoplatform.com/crm/v2/Leads/34770617711001/Attachments"
var parameters = new Map()
var headers = new Map()
var token = {
clientId:"1000.NPY9M1V0XXXXXXXXXXXXXXXXXXXF7H",
redirectUrl:"http://127.0.0.1:5500/redirect.html",
scope:"ZohoCRM.users.ALL,ZohoCRM.bulk.read,ZohoCRM.modules.ALL,ZohoCRM.settings.ALL,Aaaserver.profile.Read,ZohoCRM.org.ALL,profile.userphoto.READ,ZohoFiles.files.ALL,ZohoCRM.bulk.ALL,ZohoCRM.settings.variable_groups.ALL"
}
var accesstoken = await new UploadanAttachment().getToken(token)
headers.set("Authorization", "Zoho-oauthtoken " + accesstoken)
var filesToLoad = document.getElementById("attachment").files;
var file = filesToLoad[0];
var requestMethod = "POST"
var formDataRequestBody = new FormData();
formDataRequestBody.append("file", new Blob([file]),file.name);
var reqBody = formDataRequestBody
var params = "";
parameters.forEach(function(value, key) {
if (parameters.has(key)) {
if (params) {
params = params + key + '=' + value + '&';
}
else {
params = key + '=' + value + '&';
}
}
});
var apiHeaders = {};
if(headers) {
headers.forEach(function(value, key) {
apiHeaders[key] = value;
});
}
if (params.length > 0){
url = url + '?' + params.substring(0, params.length - 1);
}
var requestObj = {
uri : url,
method : requestMethod,
headers : apiHeaders,
body :reqBody,
encoding: "utf8",
allowGetBody : true,
throwHttpErrors : false
};
var result = await new UploadanAttachment().makeAPICall(requestObj);
console.log(result.status)
console.log(result.response)
}
async getToken(token) {
if(listener == 0) {
window.addEventListener("storage", function(reponse) {
if(reponse.key === "access_token" && (reponse.oldValue != reponse.newValue || reponse.oldValue == null)){
location.reload();
}
if(reponse.key === "access_token"){
sessionStorage.removeItem("__auth_process");
}
}, false);
listener = 1;
if(sessionStorage.getItem("__auth_process")) {
sessionStorage.removeItem("__auth_process");
}
}
["granted_for_session", "access_token","expires_in","expires_in_sec","location","api_domain","state","__token_init","__auth_process"].forEach(function (k) {
var isKeyExists = localStorage.hasOwnProperty(k);
if(isKeyExists) {
sessionStorage.setItem(k, localStorage[k]);
}
localStorage.removeItem(k);
});
var valueInStore = sessionStorage.getItem("access_token");
var tokenInit = sessionStorage.getItem("__token_init");
if(tokenInit != null && valueInStore != null && Date.now() >= parseInt(tokenInit) + 59 * 60 * 1000){ // check after 59th minute
valueInStore = null;
sessionStorage.removeItem("access_token");
}
var auth_process = sessionStorage.getItem("__auth_process");
if ((valueInStore == null && auth_process == null) || (valueInStore == 'undefined' && (auth_process == null || auth_process == "true"))) {
var accountsUrl = "https://zylkercorp.zohoplatform.com/oauth/v2/auth"
var clientId;
var scope;
var redirectUrl;
if(token != null) {
clientId = token.clientId;
scope = token.scope;
redirectUrl = token.redirectUrl;
}
var fullGrant = sessionStorage.getItem("full_grant");
var grantedForSession = sessionStorage.getItem("granted_for_session");
if(sessionStorage.getItem("__token_init") != null && ((fullGrant != null && "true" == full_grant) || (grantedForSession != null && "true" == grantedForSession))) {
accountsUrl += '/refresh';
}
if (clientId && scope) {
sessionStorage.setItem("__token_init", Date.now());
sessionStorage.removeItem("access_token");
sessionStorage.setItem("__auth_process", "true");
window.open(accountsUrl + "?" + "scope" + "=" + scope + "&"+ "client_id" +"=" + clientId + "&response_type=token&state=zohocrmclient&redirect_uri=" + redirectUrl);
["granted_for_session", "access_token","expires_in","expires_in_sec","location","api_domain","state","__token_init","__auth_process"].forEach(function (k) {
var isKeyExists = localStorage.hasOwnProperty(k);
if(isKeyExists){
sessionStorage.setItem(k, localStorage[k]);
}
localStorage.removeItem(k);
});
valueInStore = sessionStorage.getItem("access_token");
}
}
if(token != null && valueInStore != 'undefined'){
token.accessToken = valueInStore;
}
return token.accessToken;
}
async makeAPICall(requestDetails) {
return new Promise(function (resolve, reject) {
var body, xhr, i;
body = requestDetails.body || null;
xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.open(requestDetails.method, requestDetails.uri, true);
for (i in requestDetails.headers) {
xhr.setRequestHeader(i, requestDetails.headers[i]);
}
xhr.send(body);
xhr.onreadystatechange = function() {
if(xhr.readyState == 4) {
resolve(xhr);
}
}
})
}
}Possible Errors
- INVALID_MODULEHTTP 400
The module name given seems to be invalid
Resolution: You have specified an invalid module name or there is no tab permission, or the module could have been removed from the available modules. Specify a valid module API name. - INVALID_MODULEHTTP 400
The given module is not supported in API
Resolution: The modules such as Documents and Projects are not supported in the current API. (This error will not be shown, once these modules are been supported). Specify a valid module API name. - INVALID_URL_PATTERNHTTP 404
Please check if the URL trying to access is a correct one
Resolution: The request URL specified is incorrect. Specify a valid request URL. Refer to request URL section above. - OAUTH_SCOPE_MISMATCHHTTP 401
Unauthorized
Resolution: Client does not have ZohoCRM.modules.attachments.CREATE scope. Create a new client with valid scope. Refer to scope section above. - NO_PERMISSIONHTTP 403
Permission denied to upload attachment
Resolution: The user does not have permission to upload attachments. Contact your system administrator. - INTERNAL_ERRORHTTP 500
Internal Server Error
Resolution: Unexpected and unhandled exception in Server. Contact support team. - INVALID_REQUEST_METHODHTTP 400
The http request method type is not a valid one
Resolution: You have specified an invalid HTTP method to access the API URL. Specify a valid request method. Refer to endpoints section above. - AUTHORIZATION_FAILEDHTTP 400
User does not have sufficient privilege to upload attachments
Resolution: The user does not have the permission to upload attachments. Contact your system administrator. - INVALID_DATAHTTP 400
the related id given seems to be invalid
Resolution: The related record ID specified in the URL is invalid. Refer to Get Related Records API to get valid related record IDs. - INVALID_DATAHTTP 415
invalid file type
Resolution: The attachment that you are trying to upload is of an unsupported file form (.exe). - FILE_SIZE_MORE_THAN_ALLOWED_SIZEHTTP 415
please check if the file size is in the correct range
Resolution: The attachment you are trying to upload exceeds the allowed size(100 MB). Ensure that the attachment being uploaded is within the prescribed range.
Sample Response
Copied{
"data": [
{
"code": "SUCCESS",
"details": {
"Modified_Time": "2021-05-05T05:33:33+00:00",
"Modified_By": {
"name": "Patricia Boyle",
"id": "738964000000291009"
},
"Created_Time": "2021-05-05T05:33:33+00:00",
"id": "738964000002118002",
"Created_By": {
"name": "Patricia Boyle",
"id": "738964000000291009"
}
},
"message": "attachment uploaded successfully",
"status": "success"
}
]
}