There's a new version of the HubSpot API

As of November 30, 2022, HubSpot API Keys are being deprecated and are no longer supported. Continued use of HubSpot API Keys is a security risk to your account and data. Your API Keys could be deactivated at any time after Nov. 30th, and we recommend that you migrate to Private Apps as soon as possible so you do not lose business-critical functionality.

Refresh OAuth 2.0 access token

Last updated October 1, 2021

POST /oauth/v1/token

Method Details

HTTP Methods:


Content Type:


Response Format:


Requires Authentication?


Rate Limited?





Marketing & CRM

Use a previously obtained refresh token to generate a new access token. Access tokens are short lived; you can check the expires_in parameter when generating an access token to determine its lifetime (in seconds). If you need offline access to HubSpot data, store the refresh token you get when initiating your OAuth integration and use it to generate a new access token once the initial one expires.

Note: HubSpot access tokens will fluctuate in size as we change the information that is encoded the tokens. We recommend allowing for tokens to be up to 300 characters to account for any changes we may make.
Required parameters How to use Description
Grant type  grant_type=refresh_token
Used in the request body
The grant type of the request, must be refresh_token when refreshing an access token.
Client Id client_id=x The client ID of your app.
Client secret client_secret=x
Used in the request body
The client secret of your app.
Refresh token refresh_token=x
Used in the request body
The refresh token obtained when initially authenticating your OAuth integration.