Retrieving your organization's logo from Zoho Desk is straightforward via a single REST API call, provided you have a valid access token and know your organization ID.
Why this matters
When building custom portals, help-center themes, or internal dashboards that integrate with Zoho Desk, you often need to display the organization's branding. The logo endpoint lets you fetch that asset programmatically rather than managing it manually. This is also useful for multi-tenant setups where each organization may have a distinct logo.
Step-by-step
Step 1. Ensure you have the correct OAuth scopes.
Before making any Zoho Desk API call, confirm your OAuth token was issued with at least Desk.basic.READ in its scope list. This scope covers organizations, agents, and departments — the category that the logo endpoint falls under. [8]
Step 2. Obtain your organization ID.
The logo endpoint requires a valid organization_id. If you don't already have it stored, call the organizations listing endpoint first. Parse the response for the id field inside the data array — for example, orgs["data"][0]["id"] — and store it for reuse. In automated setups, this value is typically persisted to your database so you don't need to re-discover it on every request. [^2, ^3]
orgs = api.get_all_organizations(p={})
if "data" in orgs and orgs["data"]:
org_id = str(orgs["data"][0].get("id", ""))Step 3. Call the logo endpoint.
With your organization_id in hand, issue a GET request to:
GET /api/v1/organizations/{organization_id}/logoUsing the Python client wrapper, this looks like: [1]
def get_organization_logo(self, organization_id: str, p: dict = None):
return self.c.request("GET", f"/api/v1/organizations/{organization_id}/logo", p, None)Pass your organization_id as a string and an optional query-parameter dictionary as p. [1]
Step 4. Handle token expiry gracefully.
Access tokens expire. Build a token-refresh callback that reads the latest refreshtoken from your data store, calls the OAuth refresh endpoint, and writes the new accesstoken and its expiry back before retrying the request. Without this, logo fetches will fail silently after the token window closes. [2]
Step 5. Persist the org ID to avoid repeated discovery.
Once you have confirmed the organizationid, save it (e.g., as deskorg_id on the user or connection record). On subsequent calls you can skip the organizations listing step entirely and go straight to the logo endpoint. [4]
Common pitfalls
- Missing
Desk.basic.READscope. If this scope was not included when the OAuth connection was first authorized, the logo endpoint will return an authorization error. You will need to re-authorize the connection with the correct scopes. [8] - Empty or whitespace
orgid. Passing a blank string asorganizationidwill produce a malformed URL. Always call.strip()on the discovered value and validate it is non-empty before constructing the request. [^2, ^4] - Stale access token with no refresh logic. If your integration does not implement a
tokenrefreshercallback, any long-running process will eventually receive 401 errors. Ensure the refresher updates bothaccesstokenandtokenexpiresatin your store. [2] - Response format assumptions. The organizations endpoint can return either a dict with a
datakey or a plain list depending on API version and configuration. Check for both shapes before extracting the ID. [3]
What to check
- Scope confirmation: Verify that
Desk.basic.READappears in the scopes granted to your OAuth client before testing the logo endpoint. [8] - Organization ID validity: After discovery, log or print the
org_idvalue and confirm it is a non-empty numeric string matching your Zoho Desk portal. [3] - Token refresh path: Simulate a token expiry (or wait for natural expiry) and confirm your refresh callback successfully obtains a new
access_tokenand the logo request retries without manual intervention. [2]
---
*Beam Help provides independent expert support for Zoho — we are not official Zoho support. For platform-level issues, contact Zoho directly.*