We have some outside developers working on a web app that we’d like to feed customer data into our Hubspot portal. My exec team has decided that our business intel is too valuable to let our devs have carte blanche with the contact data.
Is there a way to limit certain aspects of the API integration? Is there a way to make sure they don’t just issue a get command to our entire contact base and make off with our painstakingly researched and built lists?
I had previously told the execs that if they have OAuth or API key access - they have it all. Is this true?
EDIT: It would be really great if we could limit their authorization scope to only ‘Contact Properties API’ is there a way to do this?