Uh oh! The integration platform does not have permissions to request the set of scopes


#1

I am aware of similar topics covering this: Uh oh! The integration platform does not have permissions to request the set of scopes. Please contact the integration platform, but it did not have a solution for me.

I’m working on updating the hubspot-omniauth Ruby gem to work with OAuth2. I’m running into some issues with permission scopes when testing it against the API.

The authorization URL works fine, I select an Account and get redirected to this page:

https://app.hubspot.com/oauth/2679193/authorize?client_id=CLIENT_ID&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fhubspot%2Fcallback&response_type=code&scope=contacts&state=7508d43a2c09744b4a9aec83afa739a4ee7efa5366c0a93a

And from here I get rejected by having the wrong scopes.

The application I am testing with is 37697 and I have tried adding all scopes to the application as well as just adding the contacts scope (and also contacts + basic), but no combination I have tried has been successful.

Any recommendations?


#2

Hi @lcpriest

This is a similar issue to some of the other recent posts. The portal you’re trying to authorize is a marketing free portal, which will not have API access, so for that specific portal no scopes would be supported.


#3

I am struggling with this same problem! If the portal I’m using does not have API access, then why does it provide me with

  1. A client id and secret
  2. The ability to add scopes by editing my app
  3. Instructions on how to authorize
  4. NO mention of payment needed in order for it to work

Very frustrating.


#4

My issue was that I was using the omniauth-ruby library, but that is OAuth1, not OAuth2, and every other part of my code was OAuth2.

So, I was using the wrong scope names as the two implementations call them different things.

Here is my OAuth2 implementation for Ruby.

provider :hubspot, ENV['HUBSPOT_CLIENT_ID'], ENV['HUBSPOT_SECRET'], scope: 'timeline'

#5

@delorenj the app would be edited from within the Developer account, which doesn’t include any of the normal HubSpot tools outside of the developer tools (such as creating or editing apps, and creating test portals). Those accounts would not have access to things like Contacts or Content.

Creating the app gives you the client ID and scope setup that you’d need to use to authenticate another portal (include a test portal) that would have access to the other tools.


#6

Thanks @dadams!

I think that might be the problem. I guess I misunderstood the roles of the dev and test portals


#7

@dadams I created a test portal, but was not able to log in with the original user (that the account was created with - despite having admin privileges).

I created a new user with the same privileges and tried again. Success! I was then logged in to my test portal (which notified me that I have 88 days left in my trial.

Next, I tried to retrieve my token following the OAuth2 instructions using my new user that I had just made. Using this new user no longer received the “Uh oh” message and was asked to Grant Privileges. But when I click to approve, nothing happens.

Please see this screen capture.

https://vid.me/6UXM


#8

Ooo! I just checked the response and it notified me that I had an invalid request_uri

Looks like that fixed it!

Would be nice to have some sort of error message on failure

But now I receive a response that says:

error=invalid_request&error_description=missing+or+invalid+scopes

I am not missing the scope param and my app definitely allows contacts as a scope.

Here is my request:
https://app.hubspot.com/oauth/2683034/authorize?client_id={{client-id}}&scope=contacts&redirect_uri=http://local.splashthat.com/authorize/hubspot/callback

UPDATE: After removing all scope access except for contacts and Basic OAuth I finally retrieved a code.


#9

@delorenj glad to see you got that working. Any scopes checked in the app settings are considered required, so you’ll need to include them in the authorize URL or you’ll get that missing scopes error. We have a few other things were updating for scopes and we’ll get the documentation updated with more details about how scopes work.


#10

@dadams: Hi I’m getting this “An invalid scope name was provided. Please contact the integrator.” response.
I created developer account, test portals but still I couldn’t get the code.


#11

What is the marketing free portals, I would like to test OAuth2 is there any way for that ? or do I need a premium account for that?


#12

@saifali40 Marketing Free portals don’t currently have API access, so if your account only has the Marketing Free tools you will not be able to authorize the account.


#13

Hi everyone!! One more info about this portal auth with application.
You should use private application to to this! I got an integration with private application. Also what i investigated is that you can pass different scopes with private app even if they don’t set in app settings.
But
this is small recap:

  1. Try use same amount of scopes in request url as selected in app settings
  2. For test and development please crete the private application instead public
  3. inside request url scopes should be separated by %20 symbol. But if you are using omniauth-hubspot gem you should use just gaps.