There's a new version of the HubSpot API

As of November 30, 2022, HubSpot API keys are no longer a supported authentication method for accessing HubSpot APIs. Instead, you should use a private app access token or OAuth to authenticate API calls. Learn more about this change and how to migrate an API key integration to use a private app instead.

Prerequisites for Integration Platform APIs

Integration application

In order to use the Integration Platform APIs (currently this includes the Timeline API, Webhooks API, and CRM Extensions API), you'll need to sign up for a HubSpot developer account and create a new application

For most use cases, we assume that only OAuth'd apps have access to user accounts. This means that objects created with these APIs (like timeline events) won't appear on user accounts until your app is properly authenticated. However, while you're setting up your timeline events, webhooks, or CRM extensions (or future APIs) you can use your developer API key by clicking the "Get HubSpot API key" button in your developer account.

Developer API key

The Integration Platform APIs use a different authentication type for setup. In addition to being able to set up the integration through the UI from the details for your app, you can also set up the the integration using your developer API key, which you can find by clicking the "Get HubSpot API key" button at the top of the Apps dashboard in your developer account. Note: Your developer API key can only be used to update the settings for the platform APIs for your apps. It cannot be used to access data in your developer or test portals.

As an example for the Timeline API, you would use the Developer API key to create the event type and set up the event properties. After the event is set up, you would use the access_token you'd get from the OAuth flow to create an event on the timeline of a contact.

OAuth

Once you have a developer account and an application created and set up, you'll need to implement our OAuth flow in order for HubSpot users to grant your app access to their portals. See our OAuth documentation for how to do this.