PHPackages                             bybrand/oauth2-zohodesk - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. bybrand/oauth2-zohodesk

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

bybrand/oauth2-zohodesk
=======================

Zoho Desk Provider for PHP League's OAuth 2.0 Client

v1.0.7(5y ago)79.2k—10%1MITPHPCI failing

Since Oct 15Pushed 5y ago1 watchersCompare

[ Source](https://github.com/bybrand/oauth2-zohodesk)[ Packagist](https://packagist.org/packages/bybrand/oauth2-zohodesk)[ RSS](/packages/bybrand-oauth2-zohodesk/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (3)Versions (9)Used By (0)

Zoho Desk Provider for PHP OAuth 2.0 Client
===========================================

[](#zoho-desk-provider-for-php-oauth-20-client)

This package provides Zoho Desk OAuth 2.0 support for the PHP League's [OAuth 2.0 Client](https://github.com/thephpleague/oauth2-client).Initially, this module was used for the integration of [Bybrand](https://www.bybrand.io) with Zoho Desk and is in production (needs improvement).

First, you can do get Client ID and Client Secret in "Zoho Developer console". Full documentation, can be see in [Zoho documentation](https://www.zoho.com/developer/).

Installation
------------

[](#installation)

```
composer require bybrand/oauth2-zohodesk

```

Usage
-----

[](#usage)

This is a instruction base to get the token, and in then, to save in your database to future request. The method `getResourceOwner` return your first organization, via `/api/v1/organizations`. See more in Zoho Desk documentation [Get all organizations](https://desk.zoho.com/support/APIDocument.do#Organizations#Organizations_Getallorganizations)

You do not need get `getResourceOwner` if you not need.

```
use Bybrand\OAuth2\Client\Provider\ZohoDesk as ProviderZohoDesk;;
use League\OAuth2\Client\Provider\Exception\IdentityProviderException;

$params = $_GET;

$provider = new ProviderZohoDesk([
    'clientId'     => 'key-id',
    'clientSecret' => 'secret-key',
    'redirectUri'  => 'your-url-redirect',
]);

if (!empty($params['error'])) {
    // Got an error, probably user denied access
    $message = 'Got error: ' . htmlspecialchars($params['error'], ENT_QUOTES, 'UTF-8');

    // Return error.
    echo $message;
}
if (!isset($params['code']) or empty($params['code'])) {
    // If we don't have an authorization code then get one
    $authorizationUrl = $provider->getAuthorizationUrl([
        'scope' => [
            'Desk.basic.READ',
        ]
    ]);

    // Get state and store it to the session
    $_SESSION['oauth2state'] = $provider->getState();

    header('Location: '.$authorizationUrl);
    exit;
// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($params['state']) || ($params['state'] !== $_SESSION['oauth2state'])) {
    unset($_SESSION['oauth2state']);

    // Set error and redirect.
    echo 'Invalid stage';
} else {
    try {
        // Try to get an access token (using the authorization code grant)
        $token = $provider->getAccessToken('authorization_code', [
            'code' => $params['code']
        ]);

        // Retriave a first Zoho Desk organization.
        $organization = $provider->getResourceOwner($token);
    } catch (IdentityProviderException $e) {
        // Error, HTTP code Status
    } catch (\Exception $e) {
        // Error, make redirect or message.
    }

    // Save organization data.
    $id   = $organization->getId(),
    $name = $organization->getOrganizationName(),

    // Use this to interact with an API on the users behalf
    echo $token->getToken();
}

```

Please, for more information see the PHP League's general usage examples.

Refreshing a Token
------------------

[](#refreshing-a-token)

Zoho Desk token refresh is sent only with `accessType` set to offline. It is important to note that the refresh token is only returned on the first request after this it will be `null`.

You can do revoke access to get the token refresh in a second request. Visit  and navigate to Connected Apps.

```
$provider = new ProviderZohoDesk([
    'clientId'     => 'key-id',
    'clientSecret' => 'secret-key',
    'redirectUri'  => 'your-url-redirect',
    'accessType'   => 'offline' // Use only for refresh token.
]);

$token = $provider->getAccessToken('authorization_code', [
    'code' => $code
]);

// Persist the token in a database.
$refreshToken = $token->getRefreshToken();

```

See more details in [Generating Access Token From a Refresh Token](https://desk.zoho.com/support/APIDocument.do#Authentication#Using_RefreshToken) Zoho Desk Docs.

Testing
-------

[](#testing)

```
bash
$ ./vendor/bin/phpunit

```

or individual method test, by group.

```
bash
$ ./vendor/bin/phpunit --group=Zoho.GetResourceOwner

```

License
-------

[](#license)

The MIT License (MIT). Please see [License File](https://github.com/bybrand/oauth2-zoho/blob/master/LICENSE) for more information.

###  Health Score

35

—

LowBetter than 80% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity29

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity67

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~117 days

Recently: every ~206 days

Total

8

Last Release

1940d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/0db1c7d7836cb218fe710bb074fa076dad1961a92e31ccbf6e7528ab7a8d07cf?d=identicon)[bybrand](/maintainers/bybrand)

---

Top Contributors

[![ursoforte](https://avatars.githubusercontent.com/u/578063?v=4)](https://github.com/ursoforte "ursoforte (12 commits)")

---

Tags

phpapiAuthenticationoauth2authorizationZohozoho-desk

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/bybrand-oauth2-zohodesk/health.svg)

```
[![Health](https://phpackages.com/badges/bybrand-oauth2-zohodesk/health.svg)](https://phpackages.com/packages/bybrand-oauth2-zohodesk)
```

###  Alternatives

[andalisolutions/oauth2-anaf

Anaf OAuth 2.0 support for the PHP League's OAuth 2.0 Client

194.1k](/packages/andalisolutions-oauth2-anaf)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)