How do you get OAuth API token without redirecting to a new URL?
Our integration will interact with the API strictly behind-the-scenes. Is there a way to get an OAuth API token without using a redirect? A redirect will not work for our integration.
Since this call would have to be made on the front-end using JavaScript (I assume) instead of the back-end, like most of the other parts of our integration, wouldn’t using the hapi key for that be a security risk?
Are there ways to identify a visitor that wouldn’t involve exposing the hapi key?
How do you get OAuth API token without redirecting to a new URL?
@Jacob - when using the ‘identify visitor’ call of the Tracking Code API, you don’t need to make an authenticated call. This JS function is consumed by the HubSpot Tracking Code (so, the JS tracking code needs to be on the page if using the JS identify call). It’s a way of connecting the browser cookie set by the tracking code to a specific contact, as known by their email address.
How do you get OAuth API token without redirecting to a new URL?
Okay. I can do that. I was under the impression that it was for testing and that production releases should use OAuth. Is it still okay to use the HAPI key in production in this instance?
How do you get OAuth API token without redirecting to a new URL?
A little more detail: Our integration is only for our company, not for our users. We have a system that captures client details that we want to synchronize to HubSpot to ensure we have the same data in both systems. All of the synchronization should happen behind-the-scenes through API calls.
The gist is that we want to authorize our external app, not our individual users. So how do we get an authorization token without the redirect_uri parameter? Can we generate it with the secret on our own using OAuth libraries?