CRM Extension - authenticate for dataFetchUri call to external application API




I am new to Hubspot. I am trying to figure out how to setup CRM extension so that the call made to our application contains the required authentication header. I found the document to obtain the OAuth access token while making calls to Hubspot API but how does Hubspot sends the OAuth access (issued by our application) when CRM extension makes a call to our application to fetch data.

Thanks in advance.


Hi @dluthra,

The X-HubSpot-Signature header provides a way to verify requests are coming from HubSpot. You can read more about the X-HubSpot-Signature header in the following overview document:


Hi @Derek_Gervais ,

This header lets me verify the request but it does not help in identifying the user. The data returned varies for each user and hence we need the user information (or at least their organisation info) to show relevant data.



Hi @dluthra,

If the data being returned varies based on the HubSpot user accessing the record, you can use the userId and/or userEmail query parameters that are included in the initial data fetch request to identify the user. The data fetch request section of the article below has some more details on this: