APIs & Integrations

carolynebrownle
Member

oAuth - redirect_Uri/scope

we are a third party system which need to integrate into Hubspot via an API to load contacts. From our system the users just needs an updated or not indicator as to whether that contact was created.
Now I don’t know what to put under redirect URI because this is all seamless to the user - they don’t need to be redirect

Another thing is what are the pre-defined scope values that must be used in the API - what are the values recognised by Hubspot

0 Upvotes
6 Replies 6
Derek_Gervais
HubSpot Alumni
HubSpot Alumni

oAuth - redirect_Uri/scope

Hi @carolynebrownlee,

Access tokens expire every 6 hours, but refresh tokens do not expire. When your access token expires, you’ll need to use your refresh token to get a new access token:

0 Upvotes
carolynebrownle
Member

oAuth - redirect_Uri/scope

Perfect – Thanks for the response

carolynebrownle
Member

oAuth - redirect_Uri/scope

Hi Derek

I now understand what you are saying and I am making progress with the integrations my side.
The concern is will the auth code ever expire? I just did a test now and found this is what is being return.
This is going to be an issue - isn’t this meant to be one off at installation

Please let me know

Thanks,
Carolyne

0 Upvotes
Derek_Gervais
HubSpot Alumni
HubSpot Alumni

oAuth - redirect_Uri/scope

Hi @carolynebrownlee,

The HubSpot OAuth flow only allows the authorization_code grant type. If you’re using OAuth, you need an initial user interaction to install the app to a portal. It’s similar to installing a program to your computer; the program might function without any login or user interaction, but the user still needs to install the application to begin with. The following developer doc covers the process of installing an app in a bit more detail:

Installing an app

Details for authorizing and installing an app in a HubSpot portal

After the installation process, you can use the access/refresh tokens to do everything else without any user interaction. If you’re looking to avoid the OAuth process, you could also authenticate your requests with a portal’s API key:

How do I get my HubSpot API key?

Marketing Basic, Professional, and Enterprise customers and portals with a CRM can access the HubSpot API. Learn how to access your HubSpot API key here.

0 Upvotes
Derek_Gervais
HubSpot Alumni
HubSpot Alumni

oAuth - redirect_Uri/scope

Hi @carolynebrownlee,

When a user is installing your app, they’ll be sent to an account selection screen to pick the account they want to install the app in. After they select, they’ll be sent to the redirect uri you specify (where you’ll then grab the code parameter that’s appended to the URL). This process only occurs when the app is being installed.

Regarding scope values; the following developer doc outlines the available scopes:

Initiate an Integration with Oauth 2.0

https://app.hubspot.com/oauth/authorize - Initiate authentication for an app using OAuth 2.0

0 Upvotes
carolynebrownle
Member

oAuth - redirect_Uri/scope

HI Derek

This is all in the backend so there is no login screen and the redirect URI is not required.

I want to simply integrate from a system to send a message to hubspot and hub spot to create the contact.

There is NO user interaction with this integration.

Do you only allow grant type of “authorisation code” or could I sent through the username and password for immediate valiation

Thanks

0 Upvotes