Authentication - Serverless Functions

Authentication - Serverless Functions

Authentication Method

A serverless function within your CRM can be invoked from any third-party application or within the CRM. However, commonly not all of the applications support a single authentication method. Keeping that in mind, we have two methods that you can use to execute the function. One of them would be using the API Key authentication method, which can be used by either you or others to invoke the function from anywhere. The other is the OAuth2 method.

The difference between API Key and OAuth2 lies in the mode of authentication. API Key has to be authenticated in the Request URL and not as a header.

Serverless Functions can be authenticated through the following methods:

Run your application serverless with the latest and more secure mode of authentication.
The simplest and the fastest way to enable authentication for your applications.

API Key authentication is used to inform Zoho that the incoming client can access the data from the CRM. However, you can set up permissions to limit the level of access that the service or the developer has over the info. Although the API key is impressively simple, the downside to it is in not keeping up with the current authentication methods.

OAuth authentication is different in the obvious fact that the level of security is up by a notch with the addition of access and refresh tokens. Each access token may provide access to a specific set of data from your CRM, but with some additional permissions like “read-only”.
    • Related Articles

    • Overview - Serverless Functions

      Serverless architecture, also known as “Function-as-a-service”(Faas), provides a platform for developers to execute their own codes in response of various business events. In Zoho CRM, all these codes can be written through deluge scripts and can be ...
    • Using API Key - Serverless Functions

      Introduction A severless function within your CRM can be invoked from any third-party application or within the CRM using a webhook. However, generally most of the webhooks do not support OAuth2, save for a few of them. In that case, you can execute ...
    • Using OAuth2 - Serverless Functions

      Introduction Functions can be made accessible through OAuth2 protocol. OAuth2 method allows you to share specific data with any application while keeping your usernames and passwords private, by having specific scopes which grant access to specfic ...
    • Types of Inputs - Serverless Functions

      The input for the function can be acquired in the following types Parameters Parameters are passed in URL of query string and the data passed in the post "form-data" section in an input. The "params" in the crmAPIRequest map contains these parameters ...
    • Request and Response Object - Serverless Functions

      Request object You can get the entire Request Object within the function using the "crmAPIRequest" argument. Say you've created a function and defined 2 arguments. Now you need to use the same function in 2 different webhooks, each of which might ...