Permission error for webhook


#1

I am trying use webhook API, using OAuth2 mechanism. With only contact scope, I got the error as access token doesn’t have all developer-access permission. So to reduce efforts I gave all permission shown below


My url to get authentication code is https://app.hubspot.com/oauth/authorize?client_id=XXXX&scope=contacts%20automation%20content%20reports%20social%20timeline%20forms%20files%20hubdb%20transactional-email&redirect_uri=https://www.example.com/
But I am getting message as -

My App id is- 58836 and Hub id in which I am installing an app is- 3921742. Why am I facing issue? Thanks


#2

Hi @Prasad_Satalkar,

Any scopes that are checked in your app settings (first screenshot) must be requested in your authorization URL. I would recommend unchecking all of the scopes except the ones you need for your integration. The scopes you request in your URL should exactly match the scopes you have checked. (side note: your test portal won’t have access to transactional email, so you shouldn’t include that either).


#3

When I check only required scope (contacts only), I got message as

What do I do? Which fields do I check?


#5

Hi @Prasad_Satalkar,

Thank you for your patience on this; I was out for the holidays. I’ve removed that image since it included your access token; since the forums are public, it’s best practice to remove any authentication from examples, screenshots, etc.

What request did you make that lead to that error? Was it to your developer portal? The developer-access scope is only present in developer portals, which leads me to believe you’re selecting your developer portal in the portal select screen (instead of a test or production portal).


#6

I tried to create app and test portal.
The flow is -

1)I have created an app (Name= webwooktry1 AND App id- 59021) and created a test portal (Name= webhooktry1-dev-4180366.com AND hub id= 4180366).
2)Created a webhook subscription (Contact creation) in the app.
3)Done authorization by selecting the only contact field as


4)Executed webhook GET api as - https://api.hubapi.com/webhooks/v1/59021/subscriptions with the help of postman and got the error as-

I am getting 403 forbidden error. Can you upload some video for resolution?
Please check the request with the help of requestId. Reply asap.


#7

Hi @Prasad_Satalkar,

The ‘Get Subscriptions’ endpoint requires authentication from your developer portal, not the test portal where you installed the app. Subscriptions are managed in the developer portal where the app lives; you’ll need to use your Developer HAPIkey when making requests to these endpoints.


#8

It's never explained why selecting all scopes within app and authenticating with all scopes that Hubspot lists does not work. Theoretically, if you select all available scopes in your app and then provide all scopes within your request URL, it should authenticate. I've run into the same issue with the same error, and Hubspot has refused to provide support for a week now. Similarly, I tried to authenticate with just "content" selected within app and within the request URL, and even that is now producing the same error.


#9

Hi @Rob_Causey,

This issue is unrelated to OAuth scoping; requests made to get/update an app's webhook settings must be authenticated with a Developer API key. If you're experiencing issues with authenticating an integration, please create a separate topic with details on the scopes you're requesting, the role(s) of the user, and the Hub ID of the portal in question.