There's a new version of the HubSpot API

We're also working on a new documentation website, you're invited to check it out and give us your feedback.

Get OAuth 2.0 access and refresh tokens

Last updated October 1, 2021

POST /oauth/v1/token

Method Details

HTTP Methods:


Content Type:


Response Format:


Requires Authentication?


Rate Limited?





Marketing & CRM

Use the code you get after a user authorizes your app to get an access token and refresh token. The access token will be used to authenticate requests that your app makes. Access tokens are short lived, so you can use the refresh token to get a new access token when the current access token expires.
Note: HubSpot access tokens will fluctuate in size as we change the information that is encoded. We recommend allowing for tokens to be up to 300 characters to account for any changes.
Required parameters How to use Description
Grant type  grant_type=authorization_code
Used in the request body
The grant type of the request, must be authorization_code for the initial request to get the access and refresh tokens.
Client ID client_id=x The Client ID of your app.
Client secret client_secret=x
Used in the request body
The Client Secret of your app.
Redirect URI  redirect_uri=x
Used in the request body
The redirect URI that was used when the user authorized your app. This must exactly match the redirect_uri used when initiating the OAuth 2.0 connection.
Code code=x
Used in the request body
The code parameter returned to your redirect URI when the user authorized your app.