Migrating from OAuth1 to OAuth2.0 - where is my client_secret?



I am collecting data by using the Contacts endpoint.
This is the URL that I am using:

I would get the HUBSPOT_TOKEN by calling the auth endpoint
With the refresh_token, client_id and grant_type as variables being passed.

I do not have an API calling this from hubspot. I am calling this from a script on my servers to be able to enter the information into our local tables.
With the new OAuth2.0 I’ve read that you need to pass the client_secret to be able to get the access_token. I do not have a client_secret and do not know where to find it.

Would someone be able to tell me where to find my client_secret and If I am not supposed to have a client_secret because I do not have an API, can someone explain to me how I am supposed to use the Contacts endpoint with OAuth2.0.

I am aware that everything is being migrated to OAuth2.0 from OAuth1 and I do not want to lose any of my data or have my script stop running.

TIA for your help!


@Matrox You can find it under the app on your developers account. You should be able to see both your client ID and client secret there.

Do you have access to your developer’s account?


The thing is I do not have an APP calling the endpoint.

Yes I have access to the developers account, I have my client ID but not the client secret.

On my developers account the only thing I can find there is the HAPIkey. My other option is to create my first app. This is how I know that I have no app calling this.

This is a setup that I have inherited so I am not the person who set it up originally.

Any other ideas?


@Matrox I’m not incredibly familiar with out OAuth 1 set up as it is older. maybe @zwolfson has a few ideas? Would it be out of the question for you to create a new app and redo the logic in your script?