Data integrity issue? New lead being created in *both* production and dev environments despite different keys


#1

We’re paying customers and we contacted support but they sent us here. Here is the problem:

I thought I was going crazy but it looks like contacts created via the api key for our test environment are showing up in both our production environment and our test environment.

We submitted screenshots (ticket #661015) to support of our code show the api key being used at runtime; not posting here for obvious security reasons.

What’s going on?


#2

Hi @jelling,

I was able to take a look between the two portals for you, and it looks like the contacts are being created in the non-development portal from an integration (HelloSign). I could be wrong, but the pathway looks like:

  1. API call from server to dev portal, creating contact
  2. Separate API call that pushes contact into HelloSign
  3. HelloSign is authorized into non-dev portal, creating test contact

Does that explanation make sense based on what you know about what you’re building?

I was able to look into this based on the Property History for each contact. Each contact has a ‘change source’ for each property, the change source for the dev portal was ‘API’ vs the non-dev has a change source of ‘Integration’, which occurs from a HubSpot Connect integration.

Let me know if that clears things up or if you have any follow ups.

Cheers,

Rob Ainslie


#3

That could explain it.

When you say "Separate API call that pushes contact into HelloSign” you
mean that HelloSign is linked to both our dev and production portals? If
so, can we just detach the HelloSign integration from the dev portal?

However, I don’t see any integrations in our dev portal:


#4

By that, I mean that it appears your API call is creating the contact in the dev portal (so, the HubSpot auth is properly directing the creation of the record) and that the record is then being created by the HelloSign integration in the non-dev portal. I don’t have insight inbetween those two steps as to why that’s the case. Does the ‘create contact’ process also post the record anywhere else?

It seems like they are disassociated processes and not a linear dev-portal > HelloSign > non-dev portal


#5

Hey Robert,

I think you’ve figured it out. HelloSign unfortunately does not
differentiate between test requests and real requests so what’s happening
is this (in case you anyone else has this problem):

Our e2e test runs against our dev env which is pointed at Hubspot Dev
instance, a contact is created as expected for the (ex. “
e2etest123@maverick401k.com”)

Our e2e test signs a document via HelloSign, indicating that it’s a test
signature

HelloSign tries to push a reference to the signed document to the Hubspot
contact. However, HelloSign doesn’t have a separate dev instance /
environment feature so it pushes it to the prod Hubspot integration.

Because there’s no matching contact for the signed doc, Hubspot or
HelloSign (dunno which) creates a new contact in the prod Hubspot
environment (“e2etest123@maverick401k.com”) and pushes the signed document
reference to it

Anyway, not Hubspot’s problem. We’ll take it up again with HelloSign.

Thanks.

Jon

Robert_Ainslie https://integrate.hubspot.com/u/robert_ainslie HubSpotter
July 14

By that, I mean that it appears your API call is creating the contact in
the dev portal (so, the HubSpot auth is properly directing the creation of
the record) and that the record is then being created by the HelloSign
integration in the non-dev portal. I don’t have insight inbetween those two
steps as to why that’s the case. Does the ‘create contact’ process also
post the record anywhere else?

It seems like they are disassociated processes and not a linear dev-portal