API Usage Guidelines

The HubSpot public endpoints are powered by the same underlying technology that powers the core HubSpot application. As a result, HubSpot engineering closely monitors usage of the public APIs to ensure a quality experience for users of the HubSpot application.

Below, you'll find the limits by which a single integration (as identified by an access token) can consume the HubSpot public APIs. If you have any questions, please post them in the developer forum.

  1. HubSpot has the following limits in place for API requests:
    • 10 requests per second.
    • 40,000 requests per day. This daily limit resets at midnight based on the time zone setting of the HubSpot account.
    Customers exceeding either of those limits will receive error responses with a 429 response code. Please see this page for more details about those errors, and suggestions on working with the request limits.
  2. Interations that poll HubSpot for new or updated information are limited to polling for those changes at intervals of 5 minutes or more.
  3. Requests resulting in an error response may not exceed 5% of your total requests.
  4. Integrations should use HubSpot's OAuth protocol.
  5. Integrators must store time-to-live (TTL) data for OAuth access tokens, which will be returned to you in an expires_in paramter whenever you generate an access token. Unauthorized (401) requests are not a valid indicator that a new access token must be retrieved.
  6. Integrators should use their own public and documented APIs when working with the HubSpot APIs.
  7. We reserve the right to change or deprecate the APIs over time - we will provide developers ample notification in those cases. These notifications will be provided through our developer forums.