Skip to content

Zoho OAuth2 Keys

Service Name: Zoho

Service Description: Zoho is a cloud-based suite of business applications including CRM, mail, office tools, project management, and more. OAuth2 keys are used to authenticate and authorize API access to Zoho services.

Service Address: https://www.zoho.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through Zoho's security settings.

Secret Access Scope: Grants programmatic access to Zoho services based on the specific scopes requested during OAuth2 authorization. This can include access to CRM data, email, documents, and other Zoho applications.

Secret Revokement URL: https://accounts.zoho.com/home#security/

Secret Example: 1000.XXXXXXXXXXXXXXXXXXXXXXXXXXXX.XXXXXXXXXXXXXXXXXXXXXXXXXXXX

Suspicious Activity Investigation Instructions:

  • Review the OAuth2 token's access history in Zoho Admin Console.
  • Check API usage logs for unusual patterns or unauthorized access.
  • Verify the IP addresses that have used the token against your known IP ranges.
  • Review the scopes that were granted to the token to ensure they align with intended use.
  • Check for any data exports or unusual API calls made using the token.

Mitigation Instructions:

  • Log in to your Zoho account as an administrator.
  • Navigate to the Admin Console > Security > API Clients.
  • Locate the affected OAuth client and revoke its access.
  • Generate a new client secret if needed for legitimate applications.
  • Review and adjust the scopes granted to minimize permissions.
  • Consider implementing IP restrictions for API access if not already in place.
  • Update any applications or services that were using the compromised credentials.
  • Enable notifications for unusual API activity in your Zoho account settings.