The HubSpot public endpoints are powered by the same underlying technology that powers the core HubSpot application. As a result, HubSpot engineering closely monitors usage of the public APIs to ensure a quality experience for users of the HubSpot application.

Below, you'll find the limits by which a single integration (as identified by an access token) can consume the HubSpot public APIs. If you have any questions, please post them in the developer forum.

• All integrations must comply with the HubSpot Acceptable Use Policy and API Terms. Please see these pages for more details:
  • https://legal.hubspot.com/acceptable-use
  • https://legal.hubspot.com/api-terms
• HubSpot has the following limits in place for API requests:
  • Integrations using API keys are subject to the daily limits below.This daily limit resets at midnight based on the time zone setting of the HubSpot account.
    

    Product Tier	Limits
    Free & Starter	Burst: 100/10 seconds Daily: 250,000
    Professional and Enterprise	Burst: 100/10 seconds Daily: 500,000
    API Add-On (Any Tier)	Burst: 120/10 seconds Daily: 1,000,000

  • Integrations using OAuth are only subject to the limit of 100 requests per 10 seconds. The limits related to the API add-on do not apply to integrations using OAuth.
  Integrations exceeding either of those limits will receive error responses with a 429 response code. Please see this page for more details about those errors, and suggestions on working with the request limits.
  • You can find more details about our service limits here: http://www.hubspot.com/pricing/service-limits
• Integrations that poll HubSpot for new or updated information are limited to polling for those changes at intervals of 5 minutes or more.
• Requests resulting in an error response may not exceed 5% of your total requests.
• Integrations should use HubSpot's OAuth protocol.
• Integrators must store time-to-live (TTL) data for OAuth access tokens, which will be returned to you in an expires_in parameter whenever you generate an access token. Unauthorized (401) requests are not a valid indicator that a new access token must be retrieved.
• Integrators should use their own public and documented APIs when working with the HubSpot APIs.
• We reserve the right to change or deprecate the APIs over time - we will provide developers ample notification in those cases. These notifications will be provided through our developer changelog.
• You may create no more than 100 applications per developer account
• You may create no more than 1000 webhook subscription per application
• You may create no more than 25 CRM Extension Settings per application
• You may create no more than 750 Timeline Event Types per application
• You may create no more than 500 properties per Timeline Event Type