Conversation
…it the right region Zoho (and other multi-data-center OAuth providers) return a data-center- specific API host as `api_domain` in their token and refresh responses, and the access token only works against that host. We dropped this field, so checks fell back to the default US host (www.zohoapis.com) and Zoho rejected the token with INVALID_TOKEN for any non-US (EU/IN/AU/JP/CN) account. Capture and persist `api_domain` from the token-exchange and refresh responses (preserving a previously captured value when a refresh response omits it). The dynamic-check runtime already reads `ctx.credentials.api_domain` with a www.zohoapis.com fallback, so no check change is needed. Strictly additive and guarded: `api_domain` is a Zoho-only field, so every other OAuth provider (GitHub, Google, etc.) stores nothing new and behaves byte-for-byte as before. Stored in plaintext alongside scope/token_type so the runtime can route requests to the correct regional host. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01AU5798EG3PQdRuYSPJgXmy
…omain fix(integrations): persist Zoho multi-DC api_domain so OAuth tokens hit the right region
|
The latest updates on your projects. Learn more about Vercel for GitHub.
2 Skipped Deployments
|
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
|
🎉 This PR is included in version 3.87.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is an automated pull request to release the candidate branch into production, which will trigger a deployment.
It was created by the [Production PR] action.
Summary by cubic
Persisted
api_domainfrom multi-DC OAuth providers (e.g., Zoho) so tokens target the correct regional host, fixing INVALID_TOKEN errors for non-US accounts. Also preserves the prior value on refresh when the provider omits it.api_domainin the credential vault and keep the previous value if a refresh omits it; single-DC providers remain unchanged.api_domainin OAuth controller types to pass through callback responses.Written for commit be592f7. Summary will update on new commits.