Authentication for your integration starts with creating an app in a HubSpot developer account. You'll use the client ID and client secret from that app to initiate the OAuth handshake between HubSpot and your integration.
Note: If you're just getting started with building on HubSpot, we strongly recommend checking out the OAuth 2.0 Quickstart Guide. This guide will quickly get you up and running with a working example app.
OAuth 2.0 allows a user to authorize your app to work with specific tools in their HubSpot account, designated by the authorization scopes you set. You can find more details about the available scopes and the tools they provide access to here.
There are four main steps to connect your integration with a customer's HubSpot account using OAuth:
Note: Your app will not appear as a connected app in the integration settings unless you complete the first two of these steps. You must generate the refresh token and initial access token to have the app appear as connected.
codeappended to the URL. Use that code and your client secret to get an access_token and refresh_token.