Skip to content

Zoho CRM Token

Service Name: Zoho CRM

Service Description: Zoho CRM is a cloud-based customer relationship management platform that helps businesses manage sales, marketing, customer support, and inventory management in a single system.

Service Address: https://www.zoho.com/crm/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the organization level in Zoho CRM settings.

Secret Access Scope: Grants programmatic access to Zoho CRM data, including contacts, leads, accounts, deals, and other CRM modules based on the user's permissions.

Secret Revokement URL: https://accounts.zoho.com/home#security/

Secret Example: 1000.a1b2c3d4e5f6g7h8i9j0.a1b2c3d4e5f6g7h8i9j0

Suspicious Activity Investigation Instructions:

  • Review the Zoho CRM audit logs for unusual API calls or data access patterns.
  • Check for unauthorized data exports or bulk operations.
  • Monitor for changes to user permissions or settings.
  • Verify if there are any unusual login locations or times associated with the token usage.
  • Check for any new integrations or connected applications that were recently added.

Mitigation Instructions:

  • Log in to your Zoho Accounts at https://accounts.zoho.com/.

  • Navigate to the "Security" section.

  • Under "API Tokens" or "Connected Apps", locate the compromised token.
  • Click "Revoke" or "Delete" next to the token to invalidate it.
  • Generate a new token if needed, with appropriate scopes and permissions.
  • Consider implementing IP restrictions for API access in your Zoho CRM settings.
  • Review and update your organization's security policies for handling API tokens.
  • Enable two-factor authentication for all users with API access.