OAuth User Permissions


#1

We are in the final stages of releasing our HubSpot event integration that requires our customers to Oauth against there account within our platform to create an event which then generates landing pages, a form and workflow within the users HubSpot account.

Through testing across multiple test accounts with multiple different HubSpot users within our company we have been noticing some users get the 'Oh uh, you don't have the permissions needed' where as some users are absolutely fine.

The users that had the issues I then went in to their individual user permissions and made sure they have the same Contacts and Marketing permissions as the people who can Oauth. Please note the people who can do not have admin access and can connect fine. The one thing we have noticed and it may not be connected by the users who can't Oauth also have SalesPro or have had SalesPro at some point.

In regards to the app the string when Oauthing displays the following &scope=contacts+content+forms+automation+files+timeline

It seems very confusing for us to understand what user permissions a hubSpot user needs to be able to successfully Oauth. We need to provide our clients with the permissions needed as we don't want to lose people from being able to Oauth.

Any help would be greatly appreciated as it feels there must be bugs within HubSpot around user permissions

many thanks
Lee


#2

Hi @Lee_Farthing,

In general, to authenticate an app a user must be an admin and must have access to the tools that correspond to the scopes being requested. In practice, it's difficult to make claims generally without looking at a specific user/portal/app combination.

Knowing that your app is requesting the contacts, content, forms, automation, files, and timeline scopes, I'd be happy to dig into a specific example user/portal to get some more insight into why they're unable to authenticate your app.