Hi @Charlie_Moad, I think you may be thinking of HubSpot's OAuth 2.0 flow in a way that's not indicative of the way that it's intended to function. What you describe sounds to me like an SSO type functionality sort of like when you sign into another platform with Google or with Facebook. HubSpot's OAuth flow is not a sign in flow -- it's a process for installing an app to a HubSpot account. I'd liken the OAuth flow to installing a game from the the App store on your iPhone. You must have an iPhone or Android, must have access to the app store, and must have a credit card to pay for the game, but once the game is installed, any person who is using your phone can play it.
The way that HubSpot OAuth should work is that you have an application in your Developer Account that requests access to a few specific scopes. The scopes being requested must be tools that the Account that's installing the application has access to (example: if my app in its settings here: https://app.hubspot.com/developer/4584217/application/170185 requests access to Content, but my main production account does not have access to landing pages or any type of content tools, the app won't be able to be installed). Further, the user who installs the application must have access to those tools as well. We normally suggest Super Admins to install the application, but there are situations in which non-Super Admins can install apps.
When the user goes to install an app and gets directed to this page:
the application is asking for which account they should generate Access and Refresh Tokens for. When the user confirms the scopes the app is requesting, HubSpot generates those tokens specific to the user, but the app can then be used by all users who have access to those scopes within the account. So the application is really an account-wide thing.
By having multiple users from the same account use your app and "sign in", you're technically just having them re-auth your app into the same portal, generating different refresh and access tokens each time.
If you need some more info on how OAuth in HubSpot works, I'd highly recommend reading this resource: https://medium.com/@darutk/diagrams-and-movies-of-all-the-oauth-2-0-flows-194f3c3ade85 and this topic:
OAuth contact permission flow