Authentication for single send API


#1

Hi,

I want to use the single send API to send transactional email. However, when I make the call, it gives a 401 “Unauthorized access”, which makes sense because it needs authentication.

For authentication, can I use OAuth2.0 or do I have to use API keys? I need to do this programmatically as there is no user sitting there who can click to grant authorization.

I actually tried using the HAPIkey, but it still returns a 401 unauthorized access error.

I did a POST to “https://api.hubapi.com/email/public/v1/singleEmail/send?hapikey=my_hapi_key” and passed in this data:
{
‘emailId’ => EMAIL_ID,
‘message’ => {
‘to’ => ‘some@email.com’
},
‘contactProperties’ => [
{
‘name’ => ‘firstname’,
‘value’ => ‘xxxxx’,
},
{
‘name’ => ‘hubspot_owner_id’,
‘value’ => ‘xxxxxxx’,
}
],
}
My header was { ‘Content-Type’: ‘application/json’ }
And got this error as response:
{:code=>"401", :message=>"Unauthorized", :body=>"{\"status\":\"error\",\"message\":\"Any of the listed authentication credentials are missing\",\"correlationId\":\"xxxxxxx\",\"engagement\":{\"vendorkey-gae\":\"vendorkey-gae not engaged. Vendorkey not found in request headers.\",\"hapikey\":\"hapikey not engaged. hapikey is not present in query params.\",\"oauth-token\":\"oauth-token not engaged. OAuth access token not found in request header.\",\"access_token\":\"access_token not engaged. Token not found in query params.\",\"shhkey-v1\":\"shhkey-v1 not engaged. Shhkey not found in the request header.\",\"internal-cookie\":\"internal-cookie not engaged. Cookie not found in the request.\",\"app-cookie\":\"app-cookie not engaged. App cookie is not present on the request.\",\"legacy-app-cookie\":\"legacy-app-cookie not engaged. Auth cookie is not present in the request.\",\"saml-redirect\":\"Not engaged, HubId not specified on the request, cannot identify Identity Provider. is missing\"},\"requestId\":\"xxxxxxx\"}

-Can someone please help me get my single send requests working?
I have two accounts on hubspot now - my main company account, and my dev account
-Related question: should I use hapikey from the main account for single send email or my dev account?
-One more question. . Are client ID and client secret same for both of these accounts?


#2

@pdata Do you have the Transactional Email add-on? This feature is only for those who pay for the add-on

You will have to generate a SMTP token to use as authentication for the single-send API. You can do that in the email tool.


#3

@pmanca

Thanks for your reply! I have generated a token and securely saved the username and password. How can I use this to send the email? Do I pass the username/password in with contactProperies/customProperties params?

Can you give an example of that usage please?


#4

@pdata Sorry if I mislead you the tokens are just for the SMTP API. my apologies on that. You should be able to use your API key to your main account. When you tested that before were you using the API key for your dev account or your main account?


#5

@pmanca
No worries. Yes, I tested with the API key to the main account (that has the Email add on package). I still get a 401 error.

I am posting to this URL: "https://api.hubapi.com/email/public/v1/singleEmail/send?hapikey=#{hapikey}"
I am using SSL
Header is:
{“content-type” => “application/json”}

Data is:
{“emailId”=>“xxxxx”, “message”=>{“to”=>“xxxxxx”}, “contactProperties”=>[{“name”=>“firstname”, “value”=>“xxxx”}, {“name”=>“some_field_name”, “value”=>“xxxxx”}, {“name”=>“some_field_name”, “value”=>“xxxxxxx”}]}

But the error I am getting is:
{:code=>“401”, :message=>“Unauthorized”, :body=>"{“status”:“error”,“message”:“Any of the listed authentication credentials are missing”,“correlationId”:“xxxxxxxx”,“engagement”:{“vendorkey-gae”:“vendorkey-gae not engaged. Vendorkey not found in request headers.”,“shhkey-v1”:“shhkey-v1 not engaged. Shhkey not found in the request header.”,“access_token”:“access_token not engaged. Token not found in query params.”,“hapikey”:“hapikey not engaged. hapikey is not present in query params.”,“oauth-token”:“oauth-token not engaged. OAuth access token not found in request header.”,“app-cookie”:“app-cookie not engaged. App cookie is not present on the request.”,“internal-cookie”:“internal-cookie not engaged. Cookie not found in the request.”,“legacy-app-cookie”:“legacy-app-cookie not engaged. Auth cookie is not present in the request.”,“saml-redirect”:“Not engaged, HubId not specified on the request, cannot identify Identity Provider. is missing”},“requestId”:“xxxxxxxx”}"}


#6

@pdata How long have you had the trial? Was that HAPIkey generated before you got the add-on? I wonder if the scopes tied to the key are out of date.


#7

@pmanca

Yes, the API key was generated before we got this add-on. Can you verify in your system if the scopes are out of date? I can deactivate the current key and generate a new one but that’s gonna be a bit disruptive and I would like to avoid doing that if possible.


#8

@pdata I’m still trying to find the right answer but I reached out to the engineering team and have confirmed that it shouldn’t matter when your API key was made. So you do not need to deactivate it.


#9

@pmanca it’s been an ongoing query for TWO weeks now. can you get me answer soon, or escalate it to your supervisor?


#10

@pdata I passed this along and here are the thoughts from my supervisor

The error they’re getting is pretty suspect. You wouldn’t normally get that “authentication credentials are missing” error unless the request was missing an auth type (so no hapikey or access_token or anything), or if there was some other problem with the auth type provided that we couldn’t tell which type of auth they meant to use. There may be a formatting problem with the URL they’re using, or they’re not actually including the hapikey at all. The error message includes “hapikey”:“hapikey not engaged. hapikey is not present in query params.”, which would mean it’s either not actually in the request URL, or formatted so poorly that we can’t actually tell (might happen if the query param is empty too, not 100% sure off the top of my head though).

If there was an actual problem with the key or account accessing transactional email, I think we return a 403 and not a 401, since in that case the key would be good, so we’d know who they are, but they wouldn’t have access to the specific thing they’re trying to access.


#11

@pmanca

In this message is my entire code. As you can see, I AM using the hapikey in the url. Please take a look or show this to your supervisor and point to the specific problem.

toSend = {
  "emailId": xxxxxxxx,
  "message": {
    "to": "example@hubspot.com"
  }
}
uri = URI.parse("https://api.hubapi.com/email/public/v1/singleEmail/send?hapikey=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx")
https = Net::HTTP.new(uri.host,uri.port)
https.use_ssl = true
req = Net::HTTP::Post.new(uri.path, initheader = {'Content-Type' =>'application/json'})
req.body = "[ #{toSend} ]"
res = https.request(req)
puts "Response #{res.code} #{res.message}: #{res.body}"

I am still getting the same 401 error


#12

@pdata
Can you post the actual network call that you are making? So the output of the code above? I’ll be happy to hand that part off.

Also what does this line do? Are you using your own cert?

https.use_ssl = true