Identify the data center where the user's Zoho account is hosted (US: accounts.zoho.com, EU: accounts.zoho.eu, IN: accounts.zoho.in, AU: accounts.zoho.com.au, JP: accounts.zoho.jp, CA: accounts.zohocloud.ca)
POST to https://{data-center-accounts-domain}/oauth/v2/token with grant_type=refresh_token, client_id=YOUR_KEY, client_secret=YOUR_KEY, and refresh_token=YOUR_TOKEN
Parse the access_token from the JSON response — it is valid for one hour
Store the new access_token and use it in the Authorization header as Bearer YOUR_TOKEN for subsequent Zoho CRM API calls
The API base URL also varies by data center (e.g., www.zohoapis.com for US, www.zohoapis.eu for EU) — ensure your API calls use the matching regional domain
Known gotchas
Using the wrong data center domain for the token endpoint returns an invalid_client or redirect error — always match the domain to where the user registered
Zoho refresh tokens can expire if unused for an extended period or if the user revokes access — handle refresh failures by re-initiating the OAuth flow
The token endpoint returns a new access_token but does not always return a new refresh_token; keep the original refresh_token unless a new one is explicitly provided
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp