OAuth for CRM and scopes




We are having issues with uploading files/attachments to HubSpot since we’ve started using OAuth.

We used to upload files using filemanager/api/v2/files endpoint (which worked find with HubSpot API Key), but with OAuth it crashes and requires a 'content’ scope.

Adding ‘content’ to the list of scopes creates a new issue: http://import2.d.pr/R3uE/1UEsO6vn and this happens on any of our trial/dev portals: 505489, 2021855, 2567676, 2523080.

Any suggestions how to fix this?


@Anton_Litvinenko I have reached out internally to see if I can confirm this functionality or not.


@Anton_Litvinenko I have confirmed this is the case at the moment. An internal case has been made to fix the scope on the Oauth2 authorization. You can use the HAPI key currentely to access it until the scope of OAuth2 has been expanded to include this end point.


Peter, thanks for looking into this!

We are running several migrations into the HubSpot everyday for different customers and falling back to HAPI doesn’t seem like a good workaround as we have already rolled out OAuth per multiple suggestions from HubSpot reps.

We would appreciate a lot if HubSpot could come up with a quick temporary workaround for this issue until this is figured out and fixed completely?

Thank you! :bow:


@Anton_Litvinenko At the moment the only two ways to authenticate in are via OAuth and via Hapi key. I don’t have a timeline on when this is getting fixed but I am tracking the issue. I will let you know when it is resolved. OAuth should be up and running for everything else. If you run into any other issues with it please let me know.


@Anton_Litvinenko This should be resolved now. Can you please try again? thanks!


@Anton_Litvinenko To expand upon my previous comment. When making the call you will need to require the scope of files instead of content.


@pmanca Thanks!

  1. the Oauth dance with additional scope ‘files’ works correctly (there is still though this issue with requesting multiple scopes: Problem requesting multiple scopes using OAuth 2)

  2. the bigger concern is that it seems this scope is not enough: we have an import for portal id 2640795 where we have previously imported attachments, which we cannot delete now (customer wants us to run the reimport). We get error “This oauth-token does not have proper scope group permissions! (requires all of [content])” when making post https://api.hubapi.com/filemanager/api/v2/files/:id/full-delete request.


@Anton_Litvinenko I will look into if we are currently working on a way have multiple scopes at the same time.


@pmanca More importantly the actual upload of files still doesn’t work: whenever we post to post https://api.hubapi.com/filemanager/api/v2/files we get 403 response with message “This oauth-token does not have proper scope group permissions! (requires all of [content])” (notice the requirement for ‘content’ scope)


@Anton_Litvinenko I will reach back out to the developer who was working on this earlier to see if he can reproduce your error.


@Anton_Litvinenko I just heard back that there was a config setting in the new scope that wasn’t turned on. Can you please try again? Thanks for hanging with us as this is a completely new scope we just built out.


@pmanca It seems to be working now! Thanks! :bow: