Breaking change in the OAuth token scope permission


#1

Starting yesterday evening US time, a change in the access_token permission is preventing write access to the timeline API https://api.hubapi.com/integrations/v1/{appid}/timeline/event with tokens that have been able to write without issue for several months. These tokens are of scope “offline”. Here is the error we are getting:

{
“status”: “error”,
“message”: “This access_token (xxxxxxxxxxxxxxxxxxx) does not have proper permissions! (requires all of [timeline-write])”,
“correlationId”: “86425b2b-8d1e-4d75-a0f6-3944d63f735a”,
“requestId”: “4476105a-0835-4796-8988-253367ce27f4”
}


#2

Hi Jerome,

Sorry for the issues here. This was an unintentional break resulting from some changes made yesterday. This should be resolved now. Please let me know if you’re still seeing this issue.

Thanks,
-Paul


#3

Thank you, Paul, I confirm this has been resolved.


#4

Hello.
I’m newbie on hubspot API i have grunted timeline scope permissions. every time when i make request integrations/v1/123123/timeline/event i have error
"This oauth-token (access_token) does not have proper permissions! (requires all of [timeline-write])"

with parameters
req { method: ‘GET’,
headers:
{ ‘Content-Type’: ‘application/json’,
‘User-Agent’: ‘node-hubspot’,
‘Accept-Encoding’: ‘gzip, deflate’,
Authorization: ‘Bearer access_token’ },
encoding: null,
uri: ‘https://api.hubapi.com/oauth/v1/access-tokens/access_token?’ }
error null
res statusCode 200
body { Error: This oauth-token (access_token) does not have proper permissions! (requires all of [timeline-write]) }
{ id: ‘3’,
eventTypeId: ‘123’,
email: ‘joe@acme.com’,
extraData: { name: ‘JohnDoe’, weather: ‘Cloudy’ } }
req { method: ‘PUT’,
headers:
{ ‘Content-Type’: ‘application/json’,
‘User-Agent’: ‘node-hubspot’,
‘Accept-Encoding’: ‘gzip, deflate’,
Authorization: 'Bearer access_token },
encoding: null,
uri: ‘https://api.hubapi.com/integrations/v1/30366/timeline/event?id=3&eventTypeId=123&email=joe%40acme.com&extraData=’ }
error null
res statusCode 403
b