OAuth integration problem (You do not have the correct role to grant these permissions)


#1

Hello,

I created a HubSpot integration that works fine with hapikey authorization. However, when I try to switch to OAuth 2.0, I always get this error message:

Uh oh!
You do not have the correct role to grant these permissions. Please contact your administrator.

I use this URL:

https://app.hubspot.com/oauth/3987592/authorize?response_type=code&client_id=<clientid>&redirect_uri=<redirecturi>&scope=content%20files%20contacts&state=<state>

And I have these scopes activated at the app details page: Basic OAuth functionality, Contacts, Content, Files

Is there something I am missing? I am using a developer account and when I look at my profile, it says Super Admin, so I guess I should be able to grant all permissions. My App ID is 56047.

Thanks for any help.
Filip


#2

Hi @Filip_Rachunek,

Just to make sure that we’re on the same page, are you trying to authorize this integration in your developer portal, or a test portal? Developer portals don’t have access to the same tools/scopes that a Marketing/CRM/test portal does.


#3

Hi @Derek_Gervais,

Thanks for your response. I don’t know what portal I use, how can I recognize that? Sorry, my knowledge of HubSpot is very limited. But since I created a developer account, I suppose that I am trying to authorize with a developer portal, right?

Does it mean that I need a regular HubSpot account to test OAuth with Contacts, Content and Files scopes?

Filip


#4

Hi @Filip_Rachunek,

You’re correct that a developer portal cannot be used to authorize an integration requiring the scopes you’ve requested (since developer portals don’t have those tools). You can create a test portal (which has access to all of the Marketing/CRM tools and scopes other than transactional-email) and install you app there for testing.


#5

Thanks for your help @Derek_Gervais, I’ve created a test portal and everything works now.

Regards,
Filip


#6

Hello @Derek_Gervais,

Sorry to re-open this old thread. Now we have the same problem with our client who is trying to use our integration with their HubSpot account (via OAuth 2.0 authorization flow). Is there something they should verify? I suppose their account is missing some required scopes but the error message does not provide any details.

Thanks for any help.
Filip


#7

Hi @Filip_Rachunek,

Are you requesting the exact same scopes? If the error message is "You do not have the correct role to grant these permissions" then the issue is related to the user's role. The most surefire way to make sure they can install your integration is to make sure the user installing the integration is a super admin; I'd recommend starting there, since if they can get a super admin to install their integration, they won't run into any user-related permission issues.


Users with "Marketing Pro" cannot connect
#8

Hi @Derek_Gervais,

Yes, I put this to the scope parameter of the OAuth authorize URL:

content%20files%20contacts%20forms

And our integration configuration is mentioned in my second post:

We will ask the client to use their super admin account and see what happens.

Can you please have a look at the second thread and check what features the client's account is missing? I posted their Hub ID there.

Thanks,
Filip