Docs navigation

Authorizing OAuth CRMs

Cloud CRMs authenticate with OAuth rather than a pasted API key: you register Exovo as an app in the CRM, then click Authorize and log in once. Tokens are stored encrypted and refreshed automatically from then on.

The general shape

  1. Register an app in your CRM (a "connected app", "private app" or "OAuth client", depending on the vendor). The one value every CRM asks for is the redirect/callback URL — the CRM template page shows yours (https://<your-fqdn>/api/crm/oauth/callback) ready to copy.
  2. Enter the app's client ID and secret into the template fields on Admin → Integrations → CRM.
  3. Click Authorize. You're sent to the CRM's own login, grant access, and land back in the console with the status chip flipped to Authorized.

The Re-authorize button repeats step 3 whenever needed — after changing the CRM app's permissions, or if the CRM invalidates tokens (password resets and admin changes on some platforms).

Notes per provider family

  • Salesforce — create a Connected App with OAuth enabled and API scope; users need API access in their profile.
  • HubSpot — a private app with CRM scopes is the quickest route.
  • Zoho / Kommo / Pipedrive / Zendesk / Dynamics — standard OAuth client registration in each platform's developer/admin console; grant contact read (and write, if you want journaling and contact creation) scopes.

Troubleshooting

  • Bounced straight back with an error — the redirect URL registered in the CRM doesn't exactly match the one shown on the template page (scheme and host must match your FQDN).
  • Authorized but lookups fail — the granted scopes are too narrow; check the test panel trace for a 401/403 and widen the app's scopes, then re-authorize.
  • Works, then stops weeks later — the CRM revoked the refresh token (commonly after the authorizing user's password change). Re-authorize; consider a dedicated integration user.