Error authenticating users using OAuth1.0


Hi All,

We are still using OAuth1.0 for authenticating users. We have noticed the HubSpot authentication process is suddenly stopped working on our production server and it is giving the following error.

Expected parameters are missing or invalid (portalId). Please check to make sure you have the correct link, perhaps it was copied/pasted incorrectly?

Please let us know if anything changed on the API.



@Raj_Chidambaram We deprecated OAuth 1.0 in the fall. We had initially grandfathered in the current apps that were using it. We have been slowly taking away that permission however. I would advise if you can to update your authentication to OAuth 2.0 as it is much more secure.


HI @pmanca,

We knew that OAuth 1.0 is deprecated and we have the roadmap to migrate to OAuth 2.0. But we are wondering why the API has suddenly stopped working. We have been using this authentication process on our production server ever since we have launched our application few years back. But now it is broken suddenly. Could you help us investigating this issue? We need this until we migrate to OAuth 2.0.



@Raj_Chidambaram can you give me the app ID of the app that is no longer working? I will check in and see if I can find anything.

We are starting to get stricter and stricter for OAuth 2.0, let me check back with the engineering team but some day having OAuth 1.0 might pose a problem for you.


@pmanca ,

Our App id is 25487. We are using OAuth 1.0 primarily just to authenticate users to make sure they have valid HubSpot account. So it would be great if you can look into the /auth/authenticate endpoint. When we call this endpoint, it gives us en error in the browser currently. But it does not give any error when the users are already logged in. We are not sure when it stopped working. I have seen this behavior few months back and thought it was network related issue when I got it working after the retry.



@Raj_Chidambaram I reached out to engineering to see if your app had been grandfathered in or not. I will let you know when I hear back. You should start to plan on moving your authentication process to OAuth 2.0


@Raj_Chidambaram I heard back from our engineering department. In regards to your error here is what they say the problem could be.

“That would happen if you tried to send someone to the oauth 1 authorization URL with a missing or bad portal ID:”

Also this was another piece of advise from them
"If that’s only happening for a specific customer, they probably just mistyped their hubid, but if they’re seeing it for everyone they may be formatting the URL wrong. "

Can you confirm that this is happening for everyone or for one individual?


Hi @pmanca,

The OAuth URL is actually issuing 302 redirect on your server to allow users to login. The required parameters appear to be missing or you are not sending the portal id information to OAuth server after the login. So, this issue appears to be on your side.

I have messaged you the entire URL since I cannot share here.