OAuth 2.0 Scope error


#1

Hi,

When i tried to get a access token through postman, i always get a BAD_SCOPES error. I tried a verity of combinations of scopes, but none of them works. Our company has a Marketing starter account, which scopes should be used, or where can we identified the scopes should be used fro this purpose.


#2

@MichaelS Any of the scopes that have CRM next to it you can use.


#3

@pmanca
Hi Peter,
Actually, i have tried just include these scopes. However, i still get the same error.
https://app.hubspot.com/oauth/authorize?client_id=XXXXXX&scope=contacts%20timeline%20files&redirect_uri=https://www.hubspot.com”
Is this request looks correct for getting the authorization code?

Thanks,
Michael


#4

Can you post the error output that you get in Postman please.


#5

Sure, this is the error in response:
{
“status”: “BAD_SCOPES”,
“message”: “missing or invalid scopes”,
“correlationId”: “efc4405a-d139-41c1-8379-6af14ae34177”,
“requestId”: “e1d7ca62472b49373f7a91598b56537e”
}


#6

What if you tried just request for contacts. Does that work or do you receive the same error? Nothing immediately jumps out at me about your request that could be causing that.


#7

yes, i also tried just include the contacts scope, it also returns the same error.


#8

Do you have any of these boxes checked off in your app on your Dev Portal?

Any boxes checked off here would be required scopes in your OAuth call.


#9

After i logged in, i only got a “Marketing Dashboard”. I assume this is not the same thing with Dev Portal?
We have some test data under the 2318521, but seems it is not a Dev Portal. A Dev portal should looks like this, right?


#10

Any Box that is checked would be a required scope in your OAuth call. I would uncheck all of them and then try your call again.


#11

Hi, I think we bough the Marketing Dashboard and Sales Dashboard, other than the dev portal. Do it support OAuth call?


#12

This is what our dashboard look like.


#13

@yangj I’m not sure I understand your question. Can you please start a new post and add some more context to your question?


#14

Hi, this is a different problem i faced .

I wrote the code and received this json response:

{“refresh_token”:“xxx-xx-xx-xx-xx”,“access_token”:“xxxx”,“expires_in”:21600}

but access token is not getting stored on $myrs variable.

Here is the full code :

$cod=$_GET[“code”];

$url=“https://api.hubapi.com/oauth/v1/token?grant_type=authorization_code&client_id=x-x-x-x-x&client_secretxxxx&redirect_uri=https://www.myurl.com&code=”.$cod;

$agent= ‘Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322)’;

$ch = curl_init();
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, “POST”);
curl_setopt($ch, CURLOPT_HTTPHEADER, [‘Content-Type: application/x-www-form-urlencoded’]);
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL,$url);

$result=curl_exec($ch);

$rest= (json_decode($result, true));
$myrs=$rest[“access_token”];

How can i store the access token in a variable ?

Thank you!