There's a new version of the HubSpot API
As of November 30, 2022, HubSpot API keys are no longer a supported authentication method for accessing HubSpot APIs. Instead, you should use a private app access token or OAuth to authenticate API calls. Learn more about this change and how to migrate an API key integration to use a private app instead.
To ensure that the requests that your integration is receiving from HubSpot are actually coming from HubSpot, we populate two headers:
X-HubSpot-Signature header will contain the signature that will need to be verified. The method used to verify the signature will depend on the version of the signature.
X-HubSpot-Signature-Version header will contain a version number, i.e.
v2, that will indicate which method should be used to verify the signature included in
See the documentation pages below for details on verifying the different versions of the signature.
|Validating the v1 request signature
|Validating the v2 request signature